- Email: [email protected]
Safe digital transformation for SMEs
FEATURE
Safe digital transformation for SMEs Jack Bedell-Pearce, 4D Data Centres The pressure is on for British businesses over the next couple of years. With the EU’s General Data Protection Regulation (GDPR) now in force and Brexit looming, what can UK SMEs learn from their enterprise cousins during this profound period of transformation? Digital transformation is a term that most major enterprises not only feel comfortable with but are embracing. Containerisation, ‘as a service’ and other cloud-based models all make sense to larger businesses in allowing greater flexibility to their infrastructures while helping them to meet stronger security and safety needs as well as compliance and data sovereignty requirements. It also addresses the need for greater business continuity in the event of a disaster (natural or otherwise) and improved accessibility to not just their hardware but also their data.
“Many SMEs recognise that moving their infrastructure into the cloud can be a major shift and many aren’t ready to make such a large-scale change” A recent survey of SMEs found that 70% of them agreed that a flexible infrastructure and a solid strategy were key to mitigating risk.1 Yet nearly half (49%) of companies kept client data on-premise, with only 1% of them anticipating a move to the cloud or a datacentre in the next two years. The responses were similar for company data, with 51% currently hosting it on-premise and only 2% planning to move it offsite. So why is there a reluctance for smaller businesses to follow the already well-trodden (and proven) path of larger organisations? Not all SMEs are ‘server huggers’ but many recognise that moving their infrastructure into the cloud can be a major shift and many aren’t ready to 6
Network Security
make such a large-scale change. This is particularly true of companies that are working with a well-established legacy server infrastructure. And many fear that the shift could result in a huge amount of disruption that simply outweighs the benefits of using cloud solutions in the first place. And, of course, with a legacy infrastructure there will always be some technology that simply can’t be transitioned into the cloud and will need to be completely replaced. But does this point of view help SMEs in future proofing their business interests? And if they consider the route of digital transformation, what are the benefits?
Guaranteed security Whatever type of data the business is storing, guaranteeing its safety and security is paramount – and this is especially true when dealing with sensitive business or customer data. But maintaining data security isn’t a clear-cut case of locking the server room against threats (though physical security is as important as digital security). It requires balancing the benefits of every type of infrastructure against the risks and making the decision that best suits the business. As transformation moves up the agenda for SMEs, the digital security of applications and data remains one of the key concerns. In the survey, 35% of respondents cited security as one of the main barriers preventing them from moving into the cloud, and understandably, this isn’t without reason. Sharing space in the public cloud can put data at risk.2 One of the main issues is a lack of control: once data is placed
Jack Bedell-Pearce
in a third-party system, there is no direct control over its security and privacy settings. In the public cloud, space is shared with other companies and if their data isn’t secure, it can also put that of others at risk. Public cloud users are also susceptible to the ‘noisy neighbour principle’ – if one end user is targeted in a DDoS attack, the resultant swamping of CPU and network resources can impact others that share the common infrastructure. The shared use of CPU resources in public clouds is also an ongoing issue, as security vulnerabilities emerge from the well-publicised Spectre exploit. To ensure data stays as secure as possible, SMEs need to choose a solution that includes encryption and strong security credentials. Digital security can be just as much of a risk when hosting applications and data on-premise too.
“Fire damage is almost always unrecoverable – the replacement cost of lost hardware can be huge, but when data loss is also factored in, the costs to a business can be significant” The attraction to SMEs that there are fewer risks from sharing IT resources with unknown third parties is false. It’s actually easier to gain physical access to on-premise servers when they’re stored in offices shared by non-technical (or contractor) staff. The oft-cited ‘leaving a USB stick in the car park’ social engineering trick continues to catch companies out thanks to curious, non-security conscious staff.
November 2018
FEATURE
Keeping hardware safe It’s not just hacking and theft that puts data at risk. Fire and flood are both high risks, and for SMEs, getting the right measures in place to protect hardware and data can be cost-prohibitive. In 2017 alone, fire and rescue services in England attended 12,431 fires in non-dwelling buildings. Fire damage is almost always unrecoverable – the replacement cost of lost hardware can be huge, but when data loss is also factored in, the costs to a business can be significant. In fact, fire accounts for 17% of all business losses.
“There is no doubt that SMEs will need to take a less hands-on approach to their data and application management in the future. It is time for SMEs to consider the options to better future proof their interests” Around a quarter of accidental nondwelling fires are caused by faulty electrical equipment. Small server rooms that haven’t been purpose built (which is normal for SMEs), can experience a high heat output from the hardware and so pose an increased fire risk. Water damage is also a significant risk in the UK, with over 260,000 commercial properties located in areas with a high likelihood of flooding. Floods only account for 10% of all business disruption, but they cost businesses four times as much as fires, with the average cost to a business reaching £28,000 – and that’s even before downtime is factored in.
Compliance The research cited earlier also highlighted that 72% of businesses are facing increasing pressure to demonstrate compliance with regulations, and 28% agreed that data sovereignty issues will affect their decisions over where to store data in the future. In light of GDPR and the UK’s presumed eventual exit from the European Union, compliance
November 2018
is becoming more important than ever. Unsurprisingly, the survey highlighted that SMEs want greater control over their data, due to concerns over GDPR (59%). With the potential fines up to €20m, or 4% of the previous year’s turnover, maintaining compliance is vital. In addition, 53% of the survey respondents agreed that they’re likely to accelerate significant IT decisions to ensure they can make the appropriate changes before the UK formally leaves the EU. While a large-scale shift to the cloud may be off the cards for many smaller businesses it’s wise to look into easierto-manage changes to their infrastructure. It’s also important to consider that wherever data is hosted, it’s still the responsibility of the company to encrypt everything. With all of these concerns, it may be time for SMEs to consider a more ‘in between’ solution. Hosting data offsite or in the cloud can support continuity during periods of downtime (planned or not) and when hardware upgrades take place on-premise. There is no doubt that SMEs will need to take a less hands-on approach to their data and application management in the future. And while moving data and apps into the cloud or into a datacentre may raise questions around accessibility and availability, it is time for SMEs to consider the options to better future proof their interests.
Vital part SMEs are a vital part of the UK’s economy. At the start of 2013, there were an estimated 4.9 million UK private sector businesses, employing an approximately 24.3 million people and it is forecast that by 2020, SMEs will contribute £217bn to the UK economy. They are part of the UK’s backbone and as such have some important choices to make. The need for transformation is evident across all industries, but that doesn’t necessarily mean that the path is clear. For many businesses, the challenge – and the opportunity – lies in how they
choose to adapt and expand their infrastructure in the coming months and years.
“Small businesses may not be ready to make the leap today but there are certainly many ways where they can adapt to become more flexible and robust without giving up total control of their infrastructure” While it’s not anticipated that SMEs will make a significant change in their business models over the next two years, the research points to a more gradual shift in the makeup of the average UK server room. It also highlights an extra opportunity for those who want to get ahead on transformation, with 64% of respondents agreed that the assurance of colocation and the flexibility of cloud infrastructure strikes a good balance for IT needs in the current climate. Small businesses may not be ready to make the leap today but there are certainly many ways where they can adapt to become more flexible and robust without giving up total control of their infrastructure.
About the author Jack Bedell-Pearce is managing director of 4D Datacentres. Straight out of university, he joined Accenture, where he worked on technical projects for clients including Centrica (British Gas), BT and BOC Edwards. Having identified a niche in the public sector, he started his own consultancy company working with local government and NHS organisations, before selling his stake to join 4D Datacentres in 2007.
References 1. ‘State of the UK server room’. 4D Data Centres. Accessed Oct 2018. www.4d-dc.com/knowledge/whitepapers/state-uk-server-room. 2. Barker, David. ‘Public vs Private vs Hybrid Cloud - how to decide’. 4D Data Centres, 30 May 2017. Accessed Oct 2018. www.4d-dc. com/insight/public-vs-private-vshybrid-cloud-how-decide.
Network Security
7
Safe digital transformation for SMEs Jack Bedell-Pearce, 4D Data Centres The pressure is on for British businesses over the next couple of years. With the EU’s General Data Protection Regulation (GDPR) now in force and Brexit looming, what can UK SMEs learn from their enterprise cousins during this profound period of transformation? Digital transformation is a term that most major enterprises not only feel comfortable with but are embracing. Containerisation, ‘as a service’ and other cloud-based models all make sense to larger businesses in allowing greater flexibility to their infrastructures while helping them to meet stronger security and safety needs as well as compliance and data sovereignty requirements. It also addresses the need for greater business continuity in the event of a disaster (natural or otherwise) and improved accessibility to not just their hardware but also their data.
“Many SMEs recognise that moving their infrastructure into the cloud can be a major shift and many aren’t ready to make such a large-scale change” A recent survey of SMEs found that 70% of them agreed that a flexible infrastructure and a solid strategy were key to mitigating risk.1 Yet nearly half (49%) of companies kept client data on-premise, with only 1% of them anticipating a move to the cloud or a datacentre in the next two years. The responses were similar for company data, with 51% currently hosting it on-premise and only 2% planning to move it offsite. So why is there a reluctance for smaller businesses to follow the already well-trodden (and proven) path of larger organisations? Not all SMEs are ‘server huggers’ but many recognise that moving their infrastructure into the cloud can be a major shift and many aren’t ready to 6
Network Security
make such a large-scale change. This is particularly true of companies that are working with a well-established legacy server infrastructure. And many fear that the shift could result in a huge amount of disruption that simply outweighs the benefits of using cloud solutions in the first place. And, of course, with a legacy infrastructure there will always be some technology that simply can’t be transitioned into the cloud and will need to be completely replaced. But does this point of view help SMEs in future proofing their business interests? And if they consider the route of digital transformation, what are the benefits?
Guaranteed security Whatever type of data the business is storing, guaranteeing its safety and security is paramount – and this is especially true when dealing with sensitive business or customer data. But maintaining data security isn’t a clear-cut case of locking the server room against threats (though physical security is as important as digital security). It requires balancing the benefits of every type of infrastructure against the risks and making the decision that best suits the business. As transformation moves up the agenda for SMEs, the digital security of applications and data remains one of the key concerns. In the survey, 35% of respondents cited security as one of the main barriers preventing them from moving into the cloud, and understandably, this isn’t without reason. Sharing space in the public cloud can put data at risk.2 One of the main issues is a lack of control: once data is placed
Jack Bedell-Pearce
in a third-party system, there is no direct control over its security and privacy settings. In the public cloud, space is shared with other companies and if their data isn’t secure, it can also put that of others at risk. Public cloud users are also susceptible to the ‘noisy neighbour principle’ – if one end user is targeted in a DDoS attack, the resultant swamping of CPU and network resources can impact others that share the common infrastructure. The shared use of CPU resources in public clouds is also an ongoing issue, as security vulnerabilities emerge from the well-publicised Spectre exploit. To ensure data stays as secure as possible, SMEs need to choose a solution that includes encryption and strong security credentials. Digital security can be just as much of a risk when hosting applications and data on-premise too.
“Fire damage is almost always unrecoverable – the replacement cost of lost hardware can be huge, but when data loss is also factored in, the costs to a business can be significant” The attraction to SMEs that there are fewer risks from sharing IT resources with unknown third parties is false. It’s actually easier to gain physical access to on-premise servers when they’re stored in offices shared by non-technical (or contractor) staff. The oft-cited ‘leaving a USB stick in the car park’ social engineering trick continues to catch companies out thanks to curious, non-security conscious staff.
November 2018
FEATURE
Keeping hardware safe It’s not just hacking and theft that puts data at risk. Fire and flood are both high risks, and for SMEs, getting the right measures in place to protect hardware and data can be cost-prohibitive. In 2017 alone, fire and rescue services in England attended 12,431 fires in non-dwelling buildings. Fire damage is almost always unrecoverable – the replacement cost of lost hardware can be huge, but when data loss is also factored in, the costs to a business can be significant. In fact, fire accounts for 17% of all business losses.
“There is no doubt that SMEs will need to take a less hands-on approach to their data and application management in the future. It is time for SMEs to consider the options to better future proof their interests” Around a quarter of accidental nondwelling fires are caused by faulty electrical equipment. Small server rooms that haven’t been purpose built (which is normal for SMEs), can experience a high heat output from the hardware and so pose an increased fire risk. Water damage is also a significant risk in the UK, with over 260,000 commercial properties located in areas with a high likelihood of flooding. Floods only account for 10% of all business disruption, but they cost businesses four times as much as fires, with the average cost to a business reaching £28,000 – and that’s even before downtime is factored in.
Compliance The research cited earlier also highlighted that 72% of businesses are facing increasing pressure to demonstrate compliance with regulations, and 28% agreed that data sovereignty issues will affect their decisions over where to store data in the future. In light of GDPR and the UK’s presumed eventual exit from the European Union, compliance
November 2018
is becoming more important than ever. Unsurprisingly, the survey highlighted that SMEs want greater control over their data, due to concerns over GDPR (59%). With the potential fines up to €20m, or 4% of the previous year’s turnover, maintaining compliance is vital. In addition, 53% of the survey respondents agreed that they’re likely to accelerate significant IT decisions to ensure they can make the appropriate changes before the UK formally leaves the EU. While a large-scale shift to the cloud may be off the cards for many smaller businesses it’s wise to look into easierto-manage changes to their infrastructure. It’s also important to consider that wherever data is hosted, it’s still the responsibility of the company to encrypt everything. With all of these concerns, it may be time for SMEs to consider a more ‘in between’ solution. Hosting data offsite or in the cloud can support continuity during periods of downtime (planned or not) and when hardware upgrades take place on-premise. There is no doubt that SMEs will need to take a less hands-on approach to their data and application management in the future. And while moving data and apps into the cloud or into a datacentre may raise questions around accessibility and availability, it is time for SMEs to consider the options to better future proof their interests.
Vital part SMEs are a vital part of the UK’s economy. At the start of 2013, there were an estimated 4.9 million UK private sector businesses, employing an approximately 24.3 million people and it is forecast that by 2020, SMEs will contribute £217bn to the UK economy. They are part of the UK’s backbone and as such have some important choices to make. The need for transformation is evident across all industries, but that doesn’t necessarily mean that the path is clear. For many businesses, the challenge – and the opportunity – lies in how they
choose to adapt and expand their infrastructure in the coming months and years.
“Small businesses may not be ready to make the leap today but there are certainly many ways where they can adapt to become more flexible and robust without giving up total control of their infrastructure” While it’s not anticipated that SMEs will make a significant change in their business models over the next two years, the research points to a more gradual shift in the makeup of the average UK server room. It also highlights an extra opportunity for those who want to get ahead on transformation, with 64% of respondents agreed that the assurance of colocation and the flexibility of cloud infrastructure strikes a good balance for IT needs in the current climate. Small businesses may not be ready to make the leap today but there are certainly many ways where they can adapt to become more flexible and robust without giving up total control of their infrastructure.
About the author Jack Bedell-Pearce is managing director of 4D Datacentres. Straight out of university, he joined Accenture, where he worked on technical projects for clients including Centrica (British Gas), BT and BOC Edwards. Having identified a niche in the public sector, he started his own consultancy company working with local government and NHS organisations, before selling his stake to join 4D Datacentres in 2007.
References 1. ‘State of the UK server room’. 4D Data Centres. Accessed Oct 2018. www.4d-dc.com/knowledge/whitepapers/state-uk-server-room. 2. Barker, David. ‘Public vs Private vs Hybrid Cloud - how to decide’. 4D Data Centres, 30 May 2017. Accessed Oct 2018. www.4d-dc. com/insight/public-vs-private-vshybrid-cloud-how-decide.
Network Security
7