Connect with us

Technology

Securing cloud-based apps

Published

on

Securing cloud-based apps 1

By Stuart Sharp, VP of solution engineering at OneLogin 

A quarter of a century into the web era, it seems astonishing that protecting the personal and business accounts on which it depends remains a mortal challenge. There are many dimensions to this problem, starting with the weakness of the security model that assumes that a password and username offers a reliable authentication that someone is who they claim to be. Additional layers such as Multi-Factor Authentication (MFA) and behavioural modelling have been added to supplement the process of verifying identity, but they remain as complex to implement as they are diverse. Uptake among consumers remains incredibly weak while even some businesses have baulked at the management overhead, assuming applications even support MFA in the first place.

Perhaps the biggest challenge isn’t so much technical as it is old fashioned risk – the scope and value of resources protected by online accounts has expanded so dramatically that the entire fate of many businesses depend on their integrity.  Where once these were a way to access a limited palette of services, business accounts in particular offer attackers the sort of foothold inside organizations that can fuel everything from phishing and Business Email Compromise (BEC) attacks to the wholesale compromise of shared servers and cloud services. When cyberattackers find a way to undermine an employee account, they gain not simply an insight into that individual’s job and data but, potentially, a way to compromise the whole organization.

In the financial sector, the effects of this are not hard to find, with a 2019 report conducted by Vanson Bourne on behalf of data loss prevention company Clearswift finding that 70% of organizations had suffered some form of cybersecurity breach in the previous year. While this is unlikely to surprise anyone working in this sector, what stood out was how many ways these incidents were occurring, from malicious insiders to employees accidentally sharing or failing to secure sensitive data. There is a tendency to see threats to data as being external but it’s clear that the sheer complexity of managing data in modern organizations can allow account and company data to leak out in a multitude of ways that are rarely noticed.

Stuart Sharp

Stuart Sharp

For complex financial services companies, protecting standalone accounts, applications and services is simply unsustainable, leading large organizations to invest over the last decade in the more sophisticated approach offered by cloud-based Identity as a Service (IDaaS) solutions. The first job that IDaaS does is to impose rational design on the different elements of identity and access. For example, passwords often fail as a security protection because employees use weak ones or have too many to manage without reusing the same ones over and over.  IDaaS impose policies on this while allowing users to access multiple services, including cloud services, using the wrapper of single sign-on (SSO), which in turn requires that popular applications be pre-integrated. Similarly, what users can do is easily constrained using access controls that limit geographical or time access.

A second innovation of IDaaS is allowing organizations to start using more sophisticated authentication controls in the form of real-time risk assessment carried out using machine learning, which trigger additional checks such as Multi Factor Authentication (MFA) if anomalies are spotted. This is a big difference between consumer and business account security. Adding additional factors to a home user login such as online shopping would probably be enough in most cases. Employees, on the other hand, make more demanding use cases, which is why imposing tighter MFA rules and challenges are required for added security.

Nevertheless, if IDaaS offers useful technological integration, its biggest plus is simply that it solves access challenges created by the move to cloud applications themselves. It’s easy to be lulled into thinking that a cloud application looks very similar to a business application hosted on a server sitting in a data centre. From the user’s point of view that might be true, but behind the scenes the cloud application exists outside the data centre network, which creates new and hidden challenges for security. IDaaS is a cloud-centric way to integrate these two worlds – the data centre and the corporate network – into something with a single, integrated layer of security management rather than allowing it to exist as separate silos. Looked at this way, it’s arguable that IDaaS in some form isn’t simply convenient but inevitable.

Who’s accessing what

A core ethos of IDaaS is automation, specifically the ability to control which employees are accessing which applications and data and in what context. This is not only positive for compliance but makes the underlying questions asked by compliance more meaningful. Do all the users with access to application data have the right to access it? Are users who’ve left an organization being quickly de-provisioned? Within the context of cloud applications managed through IDaaS, the answer should always be yes. Any good IDaaS system should be able to explain the state of its user and data control through comprehensive, automated controls.

Thanks to the weak state of older models of digital identity, the move to cloud applications was always going to be a tough challenge. The tech world has spent more than 20 years trying to fix this with numerous innovations and technologies, not all of which have proved helpful in the long run. Now, with open standards for many of the underlying security components, and the emergence of technologies such as IDaaS which can manage these technologies as a logical entity, businesses can at last embrace the cloud without fear that they are storing up problems for the future.

Technology

The importance of app-based commerce to hospitality in the new normal

Published

on

The importance of app-based commerce to hospitality in the new normal 2

By Jeremy Nicholds CEO, Judopay

As society adapts to the rapidly changing “new normal” of working and socialising, many businesses are working tirelessly to ensure that they have all the necessary safety precautions in place to keep trading. One such sector is hospitality, but the way it typically operates now looks very different to what we were used to seeing prior to the pandemic.

Many pubs, restaurants and other hospitality establishments have now been open for a few months since lockdown, providing much relief and enjoyment to many consumers, as well as getting many employees back into work. However, a core component for businesses to maintain trading in these times is to ensure the crucial safety of staff and customers.

Payments are playing an important role in this and we’re seeing payment technology being implemented in new and unique ways to help make the hospitality sector as safe as possible. One such technology is app-based commerce, which allows businesses to interact with customers in ways that minimises physical contact whilst crucially still enabling engagement.

With table service now mandatory and Test and Trace measures continuing, we’re likely to see this technology being increasingly adopted in the months and years ahead. So, let’s take a look at what its use means for the hospitality industry and beyond and how it lines up with the government’s latest advice for businesses within the sector.

Understanding government guidance

Guidance issued from the UK government expands upon advice already offered by the Prime Minister to the hospitality sector, at the point of reopening back in July. It has been stated that all indoor hospitality is limited to table-service, interaction between staff and customers should be minimised as much as possible, masks are being enforced for indoor hospitality staff and the rule around groups of 6 continues.

At the same time, businesses now have a clear duty to support NHS Test and Trace by collecting names and contact details from customers so they can be reached if a customer/worker tests positive. This is a recent mandatory move having previously been guidance.

What’s more, it’s recognised that payments are a practical tool to help companies adhere to these guidelines. Throughout the pandemic it has emphasised that contactless payments are useful for reducing human interaction and touch points – such as PIN pads.

Early on, we saw the payment industry increase the authentication limit for contactless spending limit from £30 to £45 to help reduce cash purchases, cash machines and PIN pad usage. The Government are strongly encouraging the use of contactless payments in the hospitality sector, however, there’s a big part of the solution that they may have overlooked that can help hospitality businesses meet these guidelines with even greater ease – app-based commerce.

Why use apps?

Jeremy Nicholds

Jeremy Nicholds

Apps provide a whole host of benefits and are the perfect tool for not only minimising contact, but also ensuring customers are contactable at a later date, if needs be.

While contactless payments eliminate the need for customers to pay using cash, or touch PIN pads, apps can remove physical human interaction at the point of sale altogether. This is because they enable customers to pay ahead or at the table, meaning they don’t need to leave their seats or regularly interact with staff.  And done well they can even be a boost for business, enabling more convenient transactions and higher levels of repeat purchase.

When it comes to ensuring that customers are contactable, apps and e-wallets have a real advantage over traditional card-based transactions and anonymous cash payments. They allow companies to retain details about who has attended an establishment at a given time, enabling them to know whether a customer was present while a person known to be carrying the virus was in the vicinity.  The communication advantages of apps also allow establishments to manage their footfall and customer flow.

The role of app-based commerce in the new normal

Apps will become more and more important for all types of businesses, as consumers shift their behaviour towards digital.  They represent a new ‘real estate’ for retail and other businesses to manage – to present their brand in the right way, to engage customers and drive transactions.

Recently, we’ve seen Apple support this move towards app-based commerce with the launch of App Clips, further bolstering its use as we emerge from lockdown and encouraging safer and hygienic ways to pay.

App Clips are a great way for consumers to quickly access and experience what an app has to offer. They are fast and lightweight so a user can open them quickly and start and finish an experience from an app in seconds. And when they’re done, the business can offer the opportunity to download the full app from the App Store.

We are also seeing a number of hospitality businesses warming towards the use of app-based commerce and doing a great job of implementing it. The technology has already become central to the safe trading operations of big names in the industry such as Caffè Nero and The Young’s Pub, which are great examples of how to make apps work for your business.

As the industry steadily navigates its way through a new normal of operating, we expect that app-based commerce will skyrocket. In fact, we’ve already seen a great number of businesses throughout different industries expressing interest in the payment method, suggesting that it will play a pivotal role in moving forward. It certainly is a great way for businesses to keep staff and customers safe.

Continue Reading

Technology

Why the FemTech sector might be the sustainability saviour we have been waiting for

Published

on

Why the FemTech sector might be the sustainability saviour we have been waiting for 3

By Kristy Chong, CEO & Founder Modibodi ®

Taking single use plastics out of circulation is no easy feat, but the answer might lie closer than we think

FemTech: The Beginnings 

The term FemTech was initially coined to describe the powerful offering from tech start-ups as they ventured into developing revolutionary products centred around women’s health needs. Whilst the beginnings were humble, we have seen a whole host of innovations enter the market which have changed the game for women and business leaders around the globe.

Fast forward to 2020, FemTech is an industry predicted to be worth $50 billion by 2025 [1]and a powerhouse that is not just tackling women’s health issues but also helping to solve major environmental and sustainability crisis that we face today.

The fearless female entrepreneurs have founded and grown businesses that are continuing to help women across the globe deal with issues such as fertility, periods, sexual wellness, pregnancy and many others. And the best is yet to come.

It is a Man’s World

Traditionally, both technology and medical sectors have been very slow in tackling women’s issues and notoriously lagged in developing products and tools that address issues predominantly affecting women. Whilst figures show that women spend 29%[2] more on healthcare than men, only 4% of overall R&D funding goes towards developing products for the women’s sector[3] therefore the market is ripe for disruption.

As a woman, a mother and entrepreneur I knew that like many others I had to take matters into my own hands.

Following an incident with incontinence whilst training for a marathon in 2011 after the birth of my second child, I recognised the need to innovate apparel that offered a dignified, supportive and sustainable solution for women to manage leaks from periods, incontinence and everything in between. After two years of product development and over  1000 scientific tests, I founded Modibodi in 2013 with a long term view of breaking taboos, opening minds and offering a reusable, sustainable option for sanitary products that’s not just for women – but for the benefit of all bodies on this planet and the environment too. Now, we’ve expanded on that notion to support all people, including men who suffer incontinence, sweating and chafing, providing them with a reusable, sustainable option with our Modibodi Men range.

As you can imagine, this was far from simple not just due to tech and business sectors being notoriously dominated by men, with figures showing that 98% of VC funding goes towards male founded products[4] but also because we were not just selling a new brand of lipstick or gym-wear, we had created a whole new product category based on talking about things that made people and retailers uncomfortable.

As a social advocate for women’s health issues and rights I knew that I needed to persevere because the amalgamation between technology and feminism is a major force of social change and one that can have wide scale impact on our world.

The Sustainability Story

The sustainability agenda has really taken off in the last couple of years, especially in our war against single use plastic.  But it occurred to me very early on that we are not doing enough and there are still areas that need urgent review.

Very early on in the development stage of Modibodi I knew that sustainable sanitary products could be a game changer in eliminating single use plastics from circulation and whilst the world and respective governments were focusing on plastic straws, I felt the change needed to come from numerous angles and streams of consumerism.

The proof of concept was starring us right in the face, the average woman uses an average of 11,000 disposable feminine hygiene products in her lifetime and these convenient products come with an inconvenient environmental cost. They take 500 to 800 years to biodegrade, which means the first ever tampon and pad is still in landfill. Even more alarmingly, 8% of all waste that enters water treatment works comes from period waste, including non-flushable items such as pantyliners[5].

This is why I believe that the revolutionary innovations that are born out of the FemTech sector have capabilities to be one of the key drivers of the sustainability agenda. There is something remarkably special about a group of purpose driven businesses that can connect with consumers through a collective set of values to drive change and be a force for good.

What’s Next?

As most purpose driven business leaders will tell you, the fight never stops as the world evolves and continues to change. The sheer growth in the FemTech sector and the capabilities developed to date have changed millions of lives around the globe.

As an industry and a movement, we’ve also managed to play our part in driving the sustainability agenda and I will argue that actually the wide scale change and unity needed to continue making strides in eradicating single use plastic from our circulation will come from within the powerhouse that is FemTech.

The sheer capacity for change can be easily demonstrated if we look at the granular data and its potential for growth. If just 100,000 young girls use Modibodi alone from the start of their menstrual cycle, this would prevent 1.1 billion disposable hygiene products from ending up in landfill or 1.5 million garbage bags of waste. As of May 2020, our global base of 500,000 customers alone have prevented an estimated 2.5 million garbage bags of disposable hygiene waste from ending up in landfill or flushed into the ocean.

With the FemTech industry growing at a racing speed, I have no doubt that we are at the tipping point of pioneering wave of inventions that will take the agenda further and have the capacity and means to lead the movement. It is up to the trade organisations and world leaders to recognise the potential that such businesses and brands carry in order help to facilitate its growth trajectory.

Continue Reading

Technology

Limitless possibilities: Delivering disruption with IoT

Published

on

Limitless possibilities: Delivering disruption with IoT 4

By Nick Earle, CEO of Eseye

In the past decade, digital companies like Amazon and Netflix have used data to reinvent products and services in ways no-one imagined possible. Shopping and films were not new concepts, but these companies and many others built hugely successful businesses by disrupting existing industries through connected, personalised, data-driven services.

We are on the brink of a similarly disruptive revolution, as the Internet of Things (IoT) starts doing the same for ‘physical’ businesses – from tennis rackets to coffee machines and industrial machinery – allowing them to offer connected, data-driven, differentiated experiences. This is sometimes referred to as the ‘next Internet’ and IDC predicts that in total there will be 41.6 billion connected IoT devices or “things” by 2025.

Access to this incredibly detailed data on every aspect of how the physical world works will create endless disruptive innovations – from both new and existing companies. This presents limitless opportunities, but also severe threats to companies that wait too long.

A decade ago, many predicted this revolution, but it has taken longer than expected. Despite pockets of innovation, many have struggled to deliver successful IoT projects. We have yet to see the IoT equivalent of Netflix.

There are some obvious reasons for this. Many companies with a long heritage in the physical world find digitisation hard to navigate. Moving from selling units via a capex model to managing a continuously connected, data-driven relationship via an opex model is a big shift – involving new technologies, business processes, skills and management metrics. Concerns about how to do this can cause management paralysis where the outcome is often ‘do nothing and wait’. Arguably a worse approach than trying and failing.

It’s also a culture issue. We don’t like change, it’s difficult and we only do it when we have to. The problem is that when you are the market leader your existing financial metrics often disguise the change that your competitors are implementing in the market. A large installed base of customers will keep generating revenue for a long time and it’s often hard, if not impossible, to recognise the new disruptive business models that are winning the next generation of customers.  But as the old saying goes, you overtake on the corners not the straights, and the COVID-19 pandemic has accelerated many digital initiatives not slowed them down. Your business model is being disrupted whether you can see it or not and it’s almost certainly accelerated during 2020.

Another reason is much more basic. Due to the fragmented nature of the Mobile Network industry, where multiple players compete with each other with their proprietary SIMs, the holy grail of ubiquitous global cellular connectivity for each and every device via a single embedded eSIM has not been possible. The reality is no network SIM, even from the largest Tier 1 operators, can deliver more than 90% global coverage, even with extensive roaming arrangements. You don’t want a connected lawn mower which is invisible in 10% of cases, or a connected health monitoring device that misses 10% of emergencies. And to fill that connectivity gap you don’t want to have to use a different operator’s SIM – that just adds complexity, cost and kills the business case. If this connectivity barrier can be removed, then the savings in manufacturing and supply chain costs that can be delivered from moving to single global product SKUs will more than justify the investment in IoT pilots and new product rollouts.  This is the problem that Eseye solves and we are currently doing it for more than 2,000 customers worldwide.

I’ve spoken exclusively to IoT industry leaders from Microsoft Azure, EY, Thales, Relayr, and The Chasm Group, to understand the opportunities that IoT offers for companies to create disruptive products and services, and the lessons they’ve learnt delivering digital transformation and disruption through connected devices.

Dr Miroslaw Ryba, Global IoT Leader at EY, explained that: “Disruptive IoT is about taking the sum of thousands of IoT sensors – say in a factory – and combining data to deliver transformational insights. And that the next, exciting phase, will be a new data economy.

“There is [already] an agreement that the user gives up their data in return for a service. Imagine what will happen once that data expands to real-world activities. It will allow the development of whole new classes of products and services aligned to customer needs.”

Tony Shakib, Global IoT Business Acceleration Leader, at Microsoft Azure believes that we’re at an inflection point where some companies are taking investment in IoT infrastructure seriously, allowing them to capture meaningful data, and integrate it into their workflow management systems. Here they can start delivering, and acting on, real-time insights.

He said: “Gradually we’re crossing from the experimental phase to mass adoption” he explains. “Once we get there, we’ll see real change. Once you start connecting devices and using data intelligently, the amount of innovation you can do becomes exponential.”

When moving from incremental advances to big disruptive IoT-driven transformation, Shakib believes the key is cultural change.

He explained: “Tech is not the bottleneck – devices, security, connectivity, and cloud platforms are all there if you know where to look. The problem is people struggling to understand the art of the possible.”

VP of IoT at Thales, Andreas Haegele, unpacks the points of consideration including, security, connectivity and process when trying to maximise the benefits of IoT.

“Most business models of the past – and many today – are ‘sell and forget’. IoT connects your products, which changes what you offer. It creates an ongoing connection between you and the customer allowing you to deliver ongoing services and collect data which provides valuable insights.

“However, there are other factors to consider, namely around process and security. Eseye, for example, offers out-of-the-box connectivity which you can embed in an IoT device and it just works, there is no need for setting up new networks, security protocols, certification with mobile network operators (MNOs), etc. IoT needs security to be embedded from the start as security is very hard to retrofit. There must be a unique identity for every device so they can be managed during their lifetime. And you need to make sure software updates can only be accepted by trusted sources.

“Also, built-in connectivity is central to IoT. Each device needs to consider the right type for them, but I expect most will use cellular eventually, since it removes many roadblocks to uptake. If devices over-complicated connectivity, that’s a major turn off for customers who expect seamless, convenient experiences.”

While Peter Van der Fluit, Principal at Chasm Group, said: “Any company that currently makes or operates a physical product needs to be thinking about IoT. If you don’t connect your product to create a differentiated offer, someone else will.

“To be successful in embracing IoT, or any disruptive technology, companies should divide their business into four ‘Zones’ – an approach established by Geoffrey Moore in his book Zone to Win. Two of these Zones focus on innovation, and two on the core business. Each needs a different leadership style, culture, financing and governance.”

With so much disruption and change thrust upon companies, business models are inevitably going to evolve. Josef Brunner, CEO at Relayr, explained to me how IoT is disrupting business models, forever.

Josef said: “IoT is creating whole new ways of thinking for those who manufacture products, enabling them to change how they sell in a way that works better for them and their customers. This is often talked about as moving from selling products to selling services. We’d go further and say that at its best, IoT is about selling outcomes. Rather than charging an hourly or monthly subscription, the manufacturer can sell the value that is delivered.”

But there are pitfalls to be avoided when switching to a model that sells outcomes. Josef explains: “The main mistake companies make is to think of IoT as a technology project, looking at what tech is available and working out where to deploy it. Instead, they should start with the business problem.

Start by looking at what assets you have, and how they could be used to deliver a better experience for customers. Put the customer need at the centre of that offer. Then look at how tech can enable it.”

The inventors of the internet could never have predicted Uber and Netflix. Likewise, we can only guess at what IoT entrepreneurs will come up with once they have access to data from trillions of devices capturing rich data on every aspect of our lives and businesses. But it’s likely to be an even bigger wave of innovation than the first version of the internet unleashed. There really are no limits.

Continue Reading
Editorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.

Call For Entries

Global Banking and Finance Review Awards Nominations 2020
2020 Global Banking & Finance Awards now open. Click Here

Latest Articles

The importance of app-based commerce to hospitality in the new normal 5 The importance of app-based commerce to hospitality in the new normal 6
Technology2 days ago

The importance of app-based commerce to hospitality in the new normal

By Jeremy Nicholds CEO, Judopay As society adapts to the rapidly changing “new normal” of working and socialising, many businesses...

The Psychology Behind a Strong Security Culture in the Financial Sector 7 The Psychology Behind a Strong Security Culture in the Financial Sector 8
Finance2 days ago

The Psychology Behind a Strong Security Culture in the Financial Sector

By Javvad Malik, Security Awareness Advocate at KnowBe4 Banks and financial industries are quite literally where the money is, positioning...

How open banking can drive innovation and growth in a post-COVID world 9 How open banking can drive innovation and growth in a post-COVID world 10
Banking2 days ago

How open banking can drive innovation and growth in a post-COVID world

By Billel Ridelle, CEO at Sweep Times are pretty tough for businesses right now. For SMEs in particular, a global financial...

How to use data to protect and power your business 11 How to use data to protect and power your business 12
Business3 days ago

How to use data to protect and power your business

By Dave Parker, Group Head of Data Governance, Arrow Global Employees need to access data to do their jobs. But...

How business leaders can find the right balance between human and bot when investing in AI 13 How business leaders can find the right balance between human and bot when investing in AI 14
Business3 days ago

How business leaders can find the right balance between human and bot when investing in AI

By Andrew White is the ANZ Country Manager of business transformation solutions provider, Signavio The digital world moves quickly. From...

Has lockdown marked the end of cash as we know it? 15 Has lockdown marked the end of cash as we know it? 16
Finance3 days ago

Has lockdown marked the end of cash as we know it?

By James Booth, VP of Payment Partnerships EMEA, PPRO Since the start of the pandemic, businesses around the world have...

Lockdown 2.0 – Here's how to be the best-looking person in the virtual room 17 Lockdown 2.0 – Here's how to be the best-looking person in the virtual room 18
Top Stories3 days ago

Lockdown 2.0 – Here’s how to be the best-looking person in the virtual room

By Jeff Carlson, author of The Photographer’s Guide to Luminar 4 and Take Control of Your Digital Photos suggests “the product you’re creating is...

Banks take note: Customers want to pay with points 22 Banks take note: Customers want to pay with points 23
Banking3 days ago

Banks take note: Customers want to pay with points

By Len Covello, Chief Technology Officer of Engage People ‘Pay with Points’ – that is, integrating the ability to pay...

Are you a fighter or a freezer? The 4 “F’s” of Surviving Danger 24 Are you a fighter or a freezer? The 4 “F’s” of Surviving Danger 25
Business3 days ago

Are you a fighter or a freezer? The 4 “F’s” of Surviving Danger

By Dr.Roger Firestien, Author of Create In a Flash. The fight, flight, freeze survival response – or FFF for short...

Why the FemTech sector might be the sustainability saviour we have been waiting for 26 Why the FemTech sector might be the sustainability saviour we have been waiting for 27
Technology3 days ago

Why the FemTech sector might be the sustainability saviour we have been waiting for

By Kristy Chong, CEO & Founder Modibodi ® Taking single use plastics out of circulation is no easy feat, but...

Newsletters with Secrets & Analysis. Subscribe Now