2013 Trends: Security in a Cloud Environment and BYOD
Cyber attacks against commercial companies are not only rising in frequency but are also becoming increasingly sophisticated. The growing threat has raised the corporate awareness, and many firms have become more receptive to new technologies like cloud and BYOD (bring your own device). As we enter 2013, I see a few trends that will improve overall defensive cyber capabilities.
Clinical data processing is most commonly being conducted in highly virtualized data centers where applications and databases are shared on a single piece of hardware. But the security demilitarized zone (DMZ) is still on a monolithic device that acts as a sentry for all data coming and going. In 2013 you will see the security DMZ fully integrate into the virtual environment.
In this new scenario everything will be virtualized making the system more consistent and better able to handle the next logical step – a total cloud environment.
As data centers become totally virtualized from top to bottom, the progression to a fully scalable cloud environment is inevitable. The benefits gained from fully integrating applications, services, databases and security into a virtual environment break the bonds that constrained data center efficiency and security in the past. With applications no longer tied to a single location by physical assets, why not combine all the memory, disk space and yes, even security controls, into the cloud.
I see 2013 as the year in which cloud computing really becomes an adopted methodology due to the expanded choice and control. From a purely operational perspective, the ability to scale up or down in a virtual data center is very appealing. At the same time, it also has a number of pluses for security. With security controls fully integrated into the cloud environment, single points of failure start to vanish. Rigorous change management procedures across multiple devices in multiple data centers also diminish as the security updates are made in the cloud environment for all users at the same time.
The final area that I see changing in 2013 is the use of BYOD. Mobile devices made significant inroads in 2012, but 2013 may be the breakout year for electronic data capture using these devices. Increasing volumes of data—a virtual gold mine in terms of customer insight—will create challenges around managing, interpreting and securing that information. The biggest threat with BYOD is the loss of the device—either accidentally or through theft. To alleviate that threat, I see a convergence of cloud computing to permit safe and secure storage of the data with the use of BYODs, alongside traditional workstations to actually enter the data. Now a user can enter data virtually anywhere, anytime and that data is essentially being processed at all times.
In summary, 2013 should be the year that virtualization of data collection, storage and processing via BYOD and cloud computing changes the corporate and the information security mindset. Over the past decade, data centers hunkered down and relied on the safety of the hardened site while giving up flexibility and scalability. At the same time, attackers honed their skills against a stationary target. The 2013 mindset should be one where corporations are free to grow and expand their data processing as needed. It will be safe to leave the monolithic data center because the virtual cloud environment is not stationary but a moving target that is harder to compromise.
More on Glenn Watt
Comments in this post
Leave a reply
In a risk-based monitoring (RBM) up ...Can a Clinical Data Repository Help ...
http://youtu.be/Kjn7Yo4joFM One ...Q&A: What Is Triggered Monitoring?
http://youtu.be/JojyZqyKFDQ How ...Taking ePRO to New Places
Why in this day and age, with p ...Randomization and Trial Supply Mana ...
I have a keen interest in a particu ...
SCDM: Risk-Based Monitoring and the Implications to Data Management
I absolutely agree with this approach. I think Clinical Data Manager are the one with technical skills and behaviors to...
How Technology and Partnerships are Shaping the Evolving CRO Market (Part 1)
Awesome job guys!!
What a New Proof-of Concept Might Mean for Clinical Trials of the Future (Part 2)
These thoughts on RCT Phase I with continual patient data entry, often without site visits or supervision, may be Ok...
Health Care Innovation Takes Center Stage at Health 2.0
thanks for sharing.. it sounds really good in this article... this providing fund to EHR ..good to see...
Black Hat is Black Gold for Medidata
"With the right tools, a hacker can capture the login credentials of a user and gain “front-door” access to an...
Clinical Data Analytics
Clinical Study Design
Clinical Trial Budgeting
Clinical Trial Management
Clinical Trial Phases
Cloud Computing, SaaS and PaaS
ePRO and mHealth
FDA and Regulatory Affairs
Innovation and Entrepreneurship
Interoperability and eClinical
Randomization and Clinical Trial Supply
Site Engagement and Monitoring
Technology and Agile Development