A recent article in The Telegraph about a Fortnum & Mason customer data breech highlights a common area of weakness to most integrated web solutions. Your typical Digital Deployment consists of a stack of disparate component systems which need to be integrated together to be able to work as a complete solution. Every separate component system which is introduced into the mix increases your risk profile - and gives hackers and cybercriminals more avenues for attacking your systems and exposing vulnerabilities.
In the case of Fortnum and Mason - it was a third party survey app which did the damage and exposed the details (albeit not financial / payment details) of 23,000 of their customers. We have known for a while that Facebook was a touch on the sly side when it came to customer privacy and GDPR - and its new advertisements proclaiming to be doing more to protect the privacy of their users is just deceitful propaganda really, as they haven’t really changed their business model at all, and are still looking to sell on your personal details and your phone’s entire contact list to absolutely anyone including criminal cartels and shady Russian cyber organisations.
For Affino we try to give our Clients everything they need in one seamless - properly holistic and unified system - which sits on a single database. Ports of entry and exit are strictly limited, and the overall attack surface for Affino is about as small as it can be. We of course cannot get in the way of our Clients’ wishes to integrate other preferred suppliers’ 3rd party solutions into the mix, but they should undergo the most stringent of risk assessment before they do. Very few companies consider the data security and privacy side of things when they come to select a specific solution, but as GDPR and its related fines ramp up, companies will finally start getting as serious about their data integrity and security as their customers would like them to be.
Every 3rd party integration you add is more grist for the mill for cybercriminals - another route in for them to try to exploit. And not a week goes by without us hearing about some company inadvertently losing control of their customers’ private details - and their passwords etc. ending up for sale on one of the darknets.
There are several core methodologies that are key to the Affino platform’s unified approach - efficiency, productivity, lowered overheads, improved security, fully holistic and entire - and seamless GDPR - with permissioning across every customer interactional or transactional activity.
These old-fashioned enterprise stacks used to be how things were always done, and some of the older consultancies and larger corporations still use those methodologies - often stringing together several actual disparate units into a supposedly singular system - Yet for those that operate them it soon becomes clear that they don’t share all the same functions and database entries and that the customer’s path through the different parts of the system are not as seamless as was originally thought.
The old path is actually more complex, more expensive to run, and more prone to ongoing and incidental issues. And there’s no avoiding the fact that the more 3rd party systems you have to integrate the more vulnerabilites and targets you are creating for those that would exploit them.
We say do yourselves a favour, and especially your customers - in selecting a wholly Unified Digital Business Platform like Affino - anything else could frankly be construed as reckless endangerment!