Digital Transformation & Security: A Perspective
With Digital India, Smart Cities and Citizen e-Services becoming our mark of the transformation of government and public processes for the best of all of us, it is very timely we should re-look at our security aspects
Recently, we witnessed a global level, large scale Data attacks commonly referred to as “Ransomware”. A coordinated attack on selected and widespread systems with vital data, encrypting its content and demanding Ransom to let data owners and users regain control of data. In one way, it was a jolt to advocates of digital transformation on the need to have a re-look at our security benchmarks. At the same time, it was also an awakening to technology designers and implementers to give much-needed attention to our security policies.
In any case, the anti-digitisation lobby got another weapon of target – digital transformation is not the right thing to do, the may lead to critical security and safety issues.
Digital Transformation is the 4th Industrial revolution. The first 3 transformation waves – mechanical, electrical and electronics were more focused on automation, reducing manual efforts and increasing productivity and efficiency.
The latest wave is more to do with the eradication of manual processes, high level of smartness and intelligence – mainly Artificial and induced. If security is not a fool-proof given, this will not give any confidence to users and adopters to use and get benefits. Hence it is important to understand security loops and how we can fix them up, making this whole transformation experience.
When electric systems were introduced in the last decade of the 19th century - one common threat was the mishandling of such systems so as the result of large accidents.
However, history has proven that except few random incidents, we never heard any such event which would have led to stopping the use of electrical systems. On the contrary, electrical use and adoption have reached a pinnacle where we now look to Electric vehicles, electric instruments much more in use and gaining more traction. Despite the fact that electricity and power still have its inherent dangers, we have learned to live with that and use that to our best advantage.
If we look at areas of concern as far security for Digital Transformation, it boils down to 3 critical levels:
1. Content Security: Data is the key – anything and everything we are doing with Digital enablement of systems, processes and people, has to do much with how we can get and use data in real time and with effective benefit. When it comes to the security of Data or information, we need to build the same inherent in the overall design. Any information passing from one device to another (say from Sensor to Gateway or to Server) can be encrypted using effective tools so as to prevent any loss in case of pilferage. WhatsApp’s end to end encryption is a great example of how we can build such data transport systems to ensure the highest level of security.
2. Network Security: Lot of work and efforts have been put in here to ensure we have perimeter protection for our networks. Enough tools, applications and appliances have flooded the market ensuring network protection. However with the advent of open networks, virtual networks and Cloud, the perimeter concept has diminished to a large extent. We now see concepts like Internet Separation gaining speed where public users (say Govt departments) need to have a different network, physically separated, one for internal use (Intranet) and another for external use (Internet). Though this means an increase in costs for overall IT operations, it goes a long way to thwart such attacks what was witnessed last two weeks.
3. Device Security: Mobility has made the concept of location-bound a farce. With the advent of IoT (Internet of things) where millions of devices are now able to communicate, transfer and talk to each other with built in AI (Artificial Intelligence) processes, it is more important to also have a device level security built into the design of each device. Smartphones have now reached a stage where multi-level security is a basic requirement which enables a high degree of security for the device as well for the content.
With Digital India, Smart Cities and Citizen e-Services becoming our mark of the transformation of our government and public processes for the best of all of us, it is very timely we should re-look at our security aspects.
It is the time we start baking security aspects in our daily digital experience and make it better before we see another such attack crippling our daily life.
Disclaimer: The views expressed in the article above are those of the authors' and do not necessarily represent or reflect the views of this publishing house
Around The World