Data Compliance vs Cloud Adoption in Kenya
Thoughts from a cloud Architect
Data Compliance in Kenya has been given a front seat at every business/government event, summit, or forum. This is informed by the misuse of personal data, especially the telephone numbers and ID numbers that 3rd party/ marketing agencies use to reach their targets without any authorization.
This has caused the Government and regulators to come up with unrealistic policies, governance structures, and practices in the effort to govern data integrity, confidentiality, and privacy. These enforcements have become a detriment to the adoption of sustainable technology that has the capacity to fix the exact same issues, Cloud Solutions.
The root cause of data insecurity is the datacenter.
A data center is the main cause of insecurity. because one has to set up multiple technologies to just store simple data sets. It becomes very easy to lose focus on the solution and the security of the solution that is being built, and focus is shifted to the technologies that support the solution. The use of multiple vendors to realize simple capabilities becomes another pain because the vendors have different perspectives on their offerings and implementation of their technologies. This becomes the grind of every IT team, trying to understand the technology, the vendor’s way of doing things, and the nuances of best practices.
Data and applications security becomes the final focus after the multiple screws, nuts, and bolts of all technologies have been tightened. By this time, many shortcuts that expose data and applications have been taken, and due to the extensive work, money, and time that has gone in, it is abominable for an IT department to discuss a change of course. This is the undoing of a data center.
cloud, the hope of data security
With the abstraction of complex technologies, we have IT and technology-centered teams focusing on the business needs and system/data structure and security. This becomes an easy task when Cloud solutions give you automated security that identifies, proposes and where enacted, it automatically remediates the insecurities of data. These are capabilities the datacenter would never achieve.
With AWS, you get Amazon Guard duty, Amazon Coginito, Fraud Detector among others that help you secure your environment with ease. This is doubled up with the massive database options that are secure by design.
With Azure, you get Azure Sentinel which is a wholistic security platform that takes care of all security requirements including threat detection, analysis and remediation. This comes at a fraction of cost too.
With GCP you get splunk integrated that allows you to do all a SIEM is built for and automated remediation and deployments.
With these advantages, you are best fit on cloud than you will ever be in your datacenter. It is the hope for your data.