Risk Management and IT Integration: A Critical Look at Collaboration

Ruud van den Beukel
2/10/23

Poof. And just like that, everything was gone.

Who hasn't experienced it? A hard drive that suddenly fails, a camera's SD card that becomes unresponsive, or a mobile phone with photos that no longer reacts at all. These are problems that, with the advent of 'the cloud,' were supposed to be a thing of the past. We automatically synchronize our photos and documents to the servers of Apple, Google, or Microsoft, trusting them to store our data securely and redundantly. Generally, this is indeed more reliable than storing your data locally.

But what if you receive a photo via a dubious WhatsApp group? You know, one of those groups you were added to once, which has been silent for months, but you haven't bothered to leave. And imagine if one of the members in such a group shares a photo that everyone knows and agrees is inappropriate. Before you know it, this photo is also synchronized with the cloud.

It has happened in the past that cloud providers have subsequently determined that content stored in an account violates their code of conduct, leading to the blocking or deletion of the entire account. The options for appealing such decisions often prove limited. For those who experience this, the cloud suddenly no longer seems so secure.

Integration

With the rise of the cloud and affordable, reliable, high-speed internet, the integration of IT systems has seen tremendous growth. This is logical, as integration offers significant convenience. You can access your documents anywhere, you only need to log in to one account, and an address change in one system is automatically implemented across all others.

Integration also provides substantial benefits for IT vendors; it is more cost-effective to offer a broad set of functionalities. It is far simpler to integrate with an existing system, such as the Dutch Key Register of Addresses and Buildings (BAG), than to build a proprietary database to link postcodes and street names.

Furthermore, a direct link to the source system prevents various complications regarding data accuracy. If multiple systems store a person's email address, and these systems do not communicate with each other, how can we ascertain the correct email address?

Therefore, in many situations, integration is highly recommended.

Separation

Within the framework of risk management, an additional aspect emerges. Integration also creates dependencies. On one hand, the use of single sign-on (SSO) offers a solution for individuals who might otherwise forget their passwords or for removing departing employees from all linked systems simultaneously. However, what happens if there is an outage with the SSO provider, and your colleagues suddenly lose access to various other critical systems?

By decoupling systems or using a "temporary" copy of data, these dependencies are reduced. In CrisisSuite, for example, when connecting to an HRM or document management system, we keep a local copy of the files and personal data so that we still have access to them even if the organization's IT infrastructure becomes inaccessible or insecure. This makes the system more robust.

Weighing Options

As is often the case, the decision ultimately involves weighing the advantages and disadvantages of various options. In practice, it is usually quite straightforward to determine which dependencies are acceptable and which are undesirable. However, this necessitates a conscious evaluation on our part.

In a professional context, many CISOs, IT managers, and crisis coordinators are actively addressing this. While this is a positive development, smaller organizations would benefit from a more critical examination of these aspects.

On a personal level, many individuals do not consider this at all, despite the fact that losing access to all photos and documents can cause significant frustration and distress. Furthermore, the aforementioned cloud providers often simplify connectivity to such an extent that considerable resolve is required to maintain separation of certain elements. Nevertheless, I am convinced that this effort is worthwhile.
