Thales Blog

Retail has a multi-cloud problem…with sensitive data

October 23, 2019

Tina Stewart Tina Stewart | VP, Global Market Strategy More About This Author >


Digital transformation (DX) is fundamentally impacting all aspects of the economy across every industry, and nowhere is this truer than in retail. DX technologies such as cloud, mobile payments, IoT, Big Data and others have fundamentally changed retailers’ business models, not only by opening new channels to reach customers, but also in how they communicate with, serve, and support them. But DX also introduces the potential to put sensitive customer and corporate data at risk by fundamentally changing where data needs to be protected and how it needs to be secured. The cloud is arguably the most daunting of these environments, and the most widely deployed.



In the 2019 Thales Data Threat Report-Retail Edition, we found that cloud usage continues to proliferate rapidly: over 95% of all retail respondents said they plan to use all three of the common cloud environment types – Infrastructure as a Service (IaaS), Software as a Service (SaaS) and Platform as a Service (PaaS) – within 12 months. Moreover, these deployments won’t be to just one vendor or one platform: more than 50% report that they will use three or more IaaS or PaaS environments, and 70% report that they will use 26 or more SaaS environments. Overall, 76% report that they will also use sensitive data within at least one of these cloud environments. This level of multi-cloud usage greatly compounds the difficulties retailers face in protecting their sensitive data, as each environment, and often each implementation within the environment, can require a unique data security approach.




Tools that reduce multi-cloud data security complexity are critical

With multi-cloud use, managing, controlling, and monitoring data security across all of these environments becomes a critical problem. As a result, it’s not surprising that complexity was identified by 40% of respondents as a top barrier to data security deployment. Analysis of this year’s results showed that the percentage of retailers increasing IT security spending declined. 62% reported increases in spending, which is well down from last year’s 84%. With increased complexity in data environments and funding increases tapering off, retailers will need to get the highest possible return from their IT resources and spending. Data security platforms and service offerings that can help organizations manage the complexity of spanning cloud, on-premises, and other environments are critical to meeting these needs.

Encryption technologies are the top tools needed

Encryption and tokenization solutions provide some of the strongest protection in today’s data threat environment, and respondents seem to understand this. At 40%, data encryption was the top technology needed to alleviate data security concerns for cloud environments.


Top analyst recommendations from the report

1 – Invest in modern, hybrid and multi-cloud-based data solutions for modern architectures and look for solutions that allow you to do more with less.

This first point about investing in IT security solutions that use modern architectures is critically important. We talked earlier about how the proliferation of DX environments is making it harder to protect critical data. The approach that works to keep costs and resource usage in line with budgets, while delivering the level of security needed, is to use a platform and service-based approach.

The alternative is to use many standalone solutions to each data security problem. This fundamentally increase costs by requiring separate infrastructures, management environments, resource sets, contracts and more for each island. A platform approach, especially a platform approach that can protect assets across DX environments, reduces costs and resource requirements to solve the problem. And with IT security spending increases tapering off, that’s now a requirement.

2 – Prioritize compliance issues.

Recognizing the fundamental need for retailers to meet payment card and government data privacy initiatives, compliance is a minimum requirement for doing business. If you don’t meet the requirements, you don’t do business. But compliance requirements often apply to very limited data sets – leading to strong protections for some sensitive data, while unregulated data doesn’t seem the same level of focus, even if it is sensitive.

3 – Focus on all threat vectors

If you look deeper into the report you’ll find that retailers’ perceived risks shifted this year from internal to external – and that both require attention to secure sensitive data.

4 – Data security, starting with encryption and access management, is an important part of the mix

When it comes to data security, start with the fundamentals – encryption and access management technologies are base level data security tools needed to secure sensitive data regardless of where it is deployed.

For more key findings, download the 2019 Thales Data Threat Report- Retail Edition.