Sep 01 2016

As Businesses Enable Cloud and Mobility, They Cannot Forget About Security

Understanding the differences in the security challenges these technologies face is the first step in overcoming them.

The IT market is shifting dramatically in today’s consumer-driven technology environment. End users watch as companies such as Apple, Google, Facebook and Amazon rapidly roll out new products and services that change the way people interact with technology overnight.

The simultaneous rise of cloud computing and the widespread availability of mobile computing through smartphones and tablets provide consumers with unprecedented access to information and an ability to manipulate the physical environment around them with the tap of a device screen.

On Monday morning, these consumers make their way to work and bring the expectations set in the consumer technology space with them. They expect enterprise IT services to facilitate the same types of cloud and mobile interaction at work that they experience at home.

These changing expectations present tremendous challenges for enterprise IT organizations. They know that the delivery of cloud-enabled mobile solutions is a complex undertaking that presents significant security demands. These teams strive to deliver the caliber of service that users and customers expect, while preserving the confidentiality, integrity and availability of information and systems. Cloud and mobility offer true benefits that promise to boost productivity and improve customer service, but must have security as an important cornerstone that is carefully managed.

Cloud computing and mobility share common security issues that enterprises must address, but they also have characteristics that require slightly different security strategies. The common ground these two issues share is that they break down barriers between enterprise IT and the outside world. The conversation about security has shifted from the perimeter-focused enterprise of the past to a cloud-enabled, mobile enterprise that must consider how to meet security objectives when data regularly flows outside of the traditional perimeter. Whether data shifts from an on-premises data center to a cloud service provider or a user’s mobile device, IT professionals must now embrace security strategies that focus on protecting data wherever it is stored, processed and transmitted.

Healthcare Providers Need to Balance Cloud and Security 

The convergence of cloud and mobile computing promise to reinvent the healthcare industry. While the healthcare system has been generally slow to adopt digital technology, the consumerization of technology is pushing the industry toward a world of electronic medical records (EMRs) that are accessible to both providers and patients alike from anywhere, at any time. Patients expect to have electronic access to information and that providers will facilitate the exchange of healthcare information with hospitals, physicians, pharmacies and other care partners.

Health information exchanges now exist in many communities that facilitate this flow of information, acting as private cloud providers that share patient records between healthcare providers so that, for example, physicians know that a patient arriving in the emergency room unconscious was recently seen by a local physician for hypertension. The ER doctor can pull this information up at the patient’s bedside using a tablet that seamlessly accesses and updates the EMR.

This vision of healthcare is rapidly becoming reality, but it brings with it significant security and compliance concerns. Providers participating in EMR systems must do so knowing that they are fully compliant with the Health Insurance Portability and Accountability Act (HIPAA) and that the cloud services used to exchange this information will do so in a manner that respects patient privacy and limits access to providers with a medical need to know. As with many other industries, healthcare providers must balance the productivity of more open information flow with the security concerns that demand protecting the confidentiality, integrity and availability of protected health information.

Cloud and Mobile in Retail

While retail stores are a world apart from hospitals, pharmacies and doctors offices, the same benefits that are driving healthcare to mobile and the cloud are also driving retailers in the same direction. The days of sales associates retreating to fixed workstations or physically visiting stockrooms to check inventory levels are rapidly disappearing as tablets become more visible on the sales floor. With a few taps of the screen, associates can quickly check inventory levels and pricing information from a constantly updated database that reflects changing stock conditions in real time. When a customer requests an item, an associate can quickly summon it from inventory with another tap and have it ready at the cash register when the customer arrives.

Customers also expect retailers to support a secure mobile experience. Mobile apps enhance the customer’s in-store experience by displaying detailed product information and customer reviews as they shop. Mobile payment solutions now provide consumers with the convenience of completing a transaction by simply placing their phone near a payment terminal, rather than fishing around for cash or credit cards.

Of course, all of these experiences must take place in a secure environment. The numerous retail security breaches that have occurred in recent years underline how a major security incident can quickly erode consumer confidence and cause significant financial and public relations issues for retailers. Just as healthcare organizations must contend with HIPAA regulations, retailers must ensure that their cloud and mobile strategies allow them to remain fully compliant with the Payment Card Industry Data Security Standard (PCI DSS).

To learn more about cloud, mobile and other security issues, visit


Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT