By Michael Johnson, TLM Technologies
With the internet and cloud technology being so prevalent in our everyday lives, most of us are comfortable shopping online and passing personal information over the internet. In fact, Amazon recently reported that the five days from Thanksgiving to Cyber Monday this past year broke previous sales records for the retailer; as customers in the U.S. purchased millions more in products than during the same period last year.
C-stores and other businesses have come to rely on the cloud because it can help them to more cost-effectively process massive amounts of data between systems. Enterprise solutions can be managed at little to no cost from the cloud. And support efficiency increases when technical engineers engage the entire system in the cloud. Software as a service (SaaS) provided over the cloud can also offer a significant advantage when it comes to cashflow, as a once substantial capital expenditure can be reduced to small monthly operations expenses.
We assume that if a company is providing a service in the cloud, then it is securely transferring data and authenticating individuals and payments using the system.
Overall, the cloud is very safe after years of well-founded scrutiny and testing.
Microsoft Azure (commercial cloud) is at the forefront of this technology, surpassing even Amazon.
Microsoft on its latest quarter disclosed its commercial cloud revenue and an annual run rate north of $21 billion.
Source: Company filings, earnings reports
Microsoft Azure, for instance, segregates its Microsoft-managed networks and customer networks to ensure performance and security, and all data through it is automatically encrypted. It also includes safeguards to protect against distributed denial-of-service (DDoS) attacks, and security is integrated into Azure firmware and hardware. It also has a dedicated cybersecurity team working 24/7/365 on testing and monitoring.
But not all cloud solutions are alike. Saas is a combination of the software from the application vendor and the cloud service that companies such as Microsoft, Amazon, and others provide. Surveying the landscape of software providers offering SaaS in the retail fuel and convenience marketplace, many companies had their applications built before the cloud was so heavily used. They have found themselves at a technical fork in the road. Either they re-architect their product so the foundation is built specifically for cloud-based services, or figure out workarounds to get their application to look like it is running securely in the cloud. It is expensive to re-architect an existing solution, so many companies have built hybrid solutions with virtual Band-Aids, bailing wire, and bubble gum, that look like they are running in the cloud. This may seem reasonable at first glance because it works, but eventually it is likely to catch up with them and their customers.
Beyond the bottlenecks inherent with old software that grinds data so slowly in a new cloud, companies need to demand higher security from their vendors, especially with new security protocols being adopted by new technology. For example, two-factor authentication is commonly used to identify the device an individual is using. High security is needed for online shopping carts, banking applications, and c-store software applications, and other private data. Ensuring that these are available in c-store software should be a high priority.
Another security consideration in selecting a software vendor is ensuring use of a virtual private cloud (VPC) and network. Rather than leveraging a multi-tenant instance, your SaaS application provider should be able to facilitate a cloud environment meant only for you, in which you have entire control over the data, a Single Tennant architecture. Clients can securely connect to their corporate data center; all traffic to and from instances in their VPC is routed to their corporate data center over an industry standard encrypted Internet Protocol security (IPsec).
A convenience store retailer’s c-store data is private information, and the risk of it being compromised can negatively impact customers, create a compliance risk, and be embarrassing. On any given day, large security breaches are in the news; c-store data, margins, and payment information are not immune.
The ubiquitous computing vision the retail industry is embracing brings about a number of information security and privacy challenges, some of which we already face in the mobile computing arena.
In the IT security world, there is a constant tension between the need to keep information confidential and have it readily available. Take, for instance, availability of confidential data in a database: if we apply security with too much gusto, then it’s likely to not be available to those who need access, or conversely, with not enough, it may not be secure.
At TLM, we know that you expect world class security from your software, that is why we architected it from the ground up for the Microsoft Azure Cloud.
Contact us today to learn more about how we keep your information secure and available, at your fingertips, with cloud service applications from TLM.
