Category: Data Sovereignty

The logistics industry has been completely transformed by technology in recent years. New innovations have led to huge breakthroughs and have been invaluable in streamlining processes, empowering customers and saving money, while late adopters have fallen by the wayside and been discarded as old-fashioned players in what is a fast-moving sector.

These changes have had a significant impact on the types of solutions designed for the industry. Connected devices are now rife, and are revolutionising the way that systems are integrated within the supply chain, as well as enhancing automation. The sector is also a prime example of how big data can be leveraged, with telematics software being used to distribute vehicle tracking information and improve transparency amongst suppliers and third-parties. While the efficiency gains and resource savings are obvious, these technologies are also building trust and helping to drive new business by empowering those further down the chain through the use of self-service platforms, enabling them to order, track and collect goods at the touch of the button.

MetaPack is one example of a company that has taken advantage of technology to deliver completely new ways of working, helping the logistics industry operate as fast and efficiently as possible. Its Carrier Mapping tool harnesses data from over 200 countries to allow retailers, brands and carriers to gain an understanding of which distributers are available at a given time – joining up activity to create a seamless delivery experience.

 

Potential challenges with transforming the sector

 

The benefits of digital transformation within the sector are almost endless. However, where there is rapid adoption of technology, there is always increased risk.

Efficiency is key when it comes to logistics, which is why technology service providers need to ensure their systems are robust enough to process large volumes of information in real-time in order to keep up with the fast pace of the market. Applications and platforms also demand an agile way of working to allow them to adapt with the changing landscape, which is why IT teams often adopt a DevOps culture to keep the wheels turning and optimise their platforms as and when needed.

These challenges are made even more complex when you consider the amount of sensitive data being processed by the sector, and the fact that it is a prime target for cyber criminals. At every point of the software development process, and for every business in the supply chain, security needs to be a focus – particularly given the complexity of the environment and the strict compliance mandates for companies to adhere to, including PCI DSS, GDPR, ISO27001 and the CPNI guidelines.

Issues at any point can lead to devastating consequences, sending ripples of damage throughout the supply chain. In fact, last year’s BCI Supply Chain Resiliency Report revealed that three of the top causes of supply chain disruption are telecommunication outages, cyber attacks and data breaches – with any of these disruptions causing a 55% loss in productivity and a 46% increased cost of working.

These stats serve as an apt reminder that if one aspect of a supply chain isn’t working at an optimal level, it can affect all other parties involved. Ensuring that any software you develop or use has solid infrastructure and robust platforms in place will therefore avoid any weak links in the chain and will mean you reap the benefits in terms of your bottom line.

 

Creating a competitive advantage

 

Clever use of technology is the facilitator to overcome these obstacles. The key to de-risking the supply chain is to make software as efficient, resilient and secure as possible, as well as ensuring that infrastructure is audited to guarantee compliance. Whether software is developed in-house, is off-the-shelf, or modified off-the-shelf, making sure that it is built and hosted in a flexible, secure and compliant way is vital in order to avoid disruption and give end-users confidence in the services you provide.

For software developers, this means making the development, hosting, and proof of concept assessment of their applications bespoke. Facilitating a DevOps way of working is important to allow for rapid changes to be made, while investing in security and ensuring compliance is essential at every stage. Or, if you’re taking advantage of these applications and new innovations rather than developing them, it means choosing a solution based on these requirements and hosting your applications in an environment that delivers these benefits.

Our market-leading technology expertise is complemented by our UK-based, unique and ultra-secure data centres, which are housed in state-of-the-art ex-military facilities. We specialise in partnering with technology service providers to de-risk their operations and support the delivery of applications and IT services to end users who demand security, resilience and compliance in the solutions they use. By holding security at the core of everything we do, we can ultimately help the service providers that keep the supply chain running to establish a competitive advantage when selling their services.

Get in touch if you’re interested in finding out more about how we can help you by clicking here.

Encryption in its modern form has been around for decades, but it’s still something that companies are failing to implement. Encryption is often neglected when it comes to corporate cyber security, despite the fact that it forms the cornerstone of any robust security strategy.

Data has never before been so valuable, or so widely targeted – this isn’t just due to the increasing complexity of attack methods, but also due to the range of ways that we transfer sensitive data every day.

Encrypting data is a basic way to protect sensitive corporate and customer data, and so far this year, many large companies have learned this lesson the hard way.

1. Carphone Warehouse
   The phone retailer started the year in an unpleasant way with a £400,000 fine from the ICO. Not only were attackers able to use login credentials to access the company’s system via out-of-date WordPress software, but they also were able to locate the credentials of more than 3 million customers in plain text, including names, dates of birth, addresses and phone
2. The Crown Prosecution Service
   The Crown Prosecution Service’s £325,000 fine in May serves as a stark reminder of why organisations should take encryption into account with all forms of data. In this instance, unencrypted DVDs holding interviews with victims of crimes, as well as sensitive information about the perpetrator, victims and interviewing officers, were left in an unsecured area of a building for anyone to view.
3. Yahoo
   Yahoo’s UK arm suffered significant reputational damage over a data breach which took place in 2014 – not to mention the £250,000 fine that it was subsequently slapped with from the ICO. The breach saw state-sponsored hackers transfer multiple files from the main Yahoo servers – many of which included names, emails, and unencrypted security questions and answers affecting more than 500 million users.
4. University of Greenwich
   The continuing existence of an unsecured microsite built in 2004 led to the personal data of 19,500 University of Greenwich students being placed online by hackers – including names, addresses, dates of birth, phone numbers, signatures, and, in some cases, details of physical and mental health problems. The breach, which resulted in a £120,000 fine for the University, acts as yet another reminder to organisations to make sure all data that they hold is processed and stored securely in order to avoid significant reputational damage.
5. The Bible Society
   Earlier this year, the charity was hit with a £100,000 fine after its IT network was compromised, and the personal data of its 417,000 of its supporters – including some payment card details – were accessed through an account which was only secured with an easy-to-guess password. In this case, the attackers deployed ransomware and transferred some files out of the network.

From these breaches, and many others, it’s clear that encryption – or the lack of it – is a huge factor in the size of the consequences of a data breach.

Securing data with encryption is not only a simple way to keep data safe, but is also of vital importance under GDPR. If you get it right, you won’t get fined – but get it wrong, and you can face significant reputational and financial damage. And now, with so many clever and easy to adopt solutions, there’s no longer any excuse not to have encryption in place.

Encryption has been utilised since WWII to safeguard data from potential threats, and although the methodologies employed may have changed, the basic premise is the same: encryption renders your data unusable should it fall into the wrong hands. This means that even if potential attackers manage to get through your cyber security safeguards, your data will still remain protected.

The other advantage of encryption is that it can support your business in achieving compliance with strict industry standards, helping you to avoid fines and reputational damage should you suffer a data breach. And although it is a basic preventative measure, it is important to remember that encryption is a fundamental precaution that every business should take in order to safeguard their most valuable assets.

When it comes to the right encryption solution then, it is vital to choose one that’s easy to deploy and maintain, whilst offering continuous protection. That’s why we opted for Vormetric Transparent Encryption from Thales as our chosen partner.

Adopting this robust encryption solution is easy. Downtime is alleviated during the set-up process by automating deployment configuration. The ongoing management and monitoring of the solution can then be automated and managed by our in-house experts, keeping things simple and making sure that your business can continue to run smoothly.

Vormetric has established itself as one of the best solutions in the market thanks to its cost-effectiveness and flexibility. This coupled with the fact that The Bunker offers this solution as a service, means that it can grow and adapt to meet your data needs as your business scales and requirements change. Not only does the Vormetric solution work hand-in-hand with our secure data storage, to provide best-in-class robust protection for your data, the product can also be applied to a number of different environments and offers a wide range of functionality that we’re able to adapt to each client’s individual needs.

With encryption based on the Advanced Encryption Standard (AES) and elliptic curve cryptography (ECC) for key exchange, Vormetric is FIPS 140-2 Level 1 validated, offering peace of mind that your sensitive data is properly safeguarded to the correct level at all times. Not only that, but Vormetric Transparent Encryption also leverages the AES hardware encryption capabilities on modern CPUs, delivering encryption with optimal performance even in virtual and cloud environments. It’s available on a broad selection of Windows, Linux and UNIX platforms, and can scale to meet your needs if you choose to opt for physical, virtual, cloud, container and big data environments. SAP has also reviewed and qualified Vormetric Transparent Encryption as suitable for use in SAP database management solutions, meaning important data at all levels and across all environments is properly safeguarded.

As a company that lives and breathes security day in, day out, we fully understand the importance of controlling who can access your data, even within your own company, and know that this cannot be understated. Fortunately, the Vormetric solution features granular access controls that can protect your data from potential external attacks or misuse by privileged users. You can tailor your policies to meet the needs of individual users by process, file type and time of day giving you control over every aspect of your data. On top of this, Vormetric’s security intelligence feature helps to identify and stop threats faster by providing detailed access audit logs, offering total peace of mind.

Utilising Vormetric alongside The Bunker will provide your business with everything it needs to keep your data safe, and ensure it stays that way. Vormetric’s automated maintenance and intelligence capabilities work alongside our ultra-secure ex-military facilities to provide a complete data storage and security solution. Our team of experts are also on hand to ensure you benefit from a tailored solution that best suits your needs and tech requirements, meaning you can be certain that your data will remain encrypted and safe whatever happens.

Another day, another cyber security breach. To name but a few recent victims; British Airways, T-Mobile, Boots, Dixons, TSB Bank, Facebook. No one is untouchable and the threat landscape is growing exponentially – proof that the world of cyber security is never a dull one.

Well, I am currently half way through my Cisco Global Cyber Security Scholarship and have recently passed my first exam. I was just on a 3 week vacation in Alaska and British Columbia, which was already planned before my acceptance in this scholarship program, but the amazing thing is that, with the self-learning and online mentoring of latest trends in cyber security technology, I have been able to keep up to date and study hard wherever I found secure internet.

The course is rather intense, but I can already see that the knowledge I am learning will bring real benefits to myself, and within my role at The Bunker. Everything so far has lived up to my expectations, and I am finding the setup of the course self-explanatory and easy to follow. Being able to interact in the lessons also adds to the experience, knowing others are taking the same journey as I am.

The support from my team at The Bunker has been amazing; everyone here are joining in the anticipation of my results and progress through this incredible opportunity that I have been given. The Bunker, as a company, values its clients and the protection of their business and intellectual property above anything else. They are data-driven, providing automated security solutions, and they are leaders in cyber security as part of the Cyberfort Group.
Cyberfort Group are committed to helping businesses protect themselves and their customers from the perpetually evolving range of cyber threats, and their varied solutions are a combination of security intelligence, analysis of applications, state-of-the-art technology and consultancy, together with continuous investment in research and development.

I have already started the other half of my course, which I am even more excited about as it involves practical lab work and covers the operational side of cyber security. Stay safe in this Cyber world and I will see you in a few months peeps 😉