Interaction - Kunal Kislay, CEO & Co-Founder, Integration Wizards

Kunal Kislay, CEO & Co-Founder, Integration Wizards Solutions tells us about security, surveillance and protection of privacy in this interaction.

How do you distinguish between the thin line between surveillance, tracking and invasion of privacy?

Kunal - Surveillance accesses and analyses data to protect from potential threats. It can be deployed to monitor a place/situation, ensure smooth operations via automated SOPs and identify defaulters. The data may be recorded for administrative purposes. Surveillance for sectors like retail, warehouse, health and safety, among others, optimise their outputs sans intrusion.

Tracking, alternatively, is the process to gather and utilise data on the basis of consent. It is useful to comprehend customer behavior, deliver specific recommendations and arrive at business decisions for the future. The data is recorded and saved for longer durations. Tracking is largely employed in the E-commerce sector, followed by delivery-based businesses (eg. Food delivery), marketing and health.

Invasion of privacy enters when the data collected is extracted to re-purpose beyond the consent of the party. The facilitation of such a process is easy, once the consent to read and gather data has been provided.

The lines between the three get blurred as the other side is not accessible to the party whose data is being compiled.

What are the challenges in software integration with Cloud security?

Kunal - Misuse of tools and threats like data breaches can have an everlasting negative impact, irrespective of the type of software integration system. The first identifiable challenge is the insider threat, i.e. issues around negligence and credential thefts within the enterprise.

Secondly, misleading consent-notices give selective freedom to people regarding their information. Known as the ‘dark patterns,’ these are misleading website visitors to create a pool of information. The big data is generated via consent notices with confusing/ multiple sets of instructions. Most of this data is not cleaned and consists of biases. It makes the outputs biased and hence, decisions built on such outputs get compromised.

Thirdly, the data is stored and tracked for longer durations to analyse and create relevant results. It only increases the chances of data breaches. Recently India has experienced regular reporting of such breaches. The chances will exponentially increase, given our intensified need for big data storage for almost every sector.

How do you resolve these challenges?

Kunal - It is imperative for organisations to have dedicated teams focusing on audits, review and testing of the possible security threats periodically. One must ensure standards of data security and breaches are tackled since its inception. Apt processes and systems can be aligned with the software systems. From the ideation to the design phase of a product/ service/ platform. Access & key management, insecure interface & APIs, change control, data duplication, migration, and storage policies and processes are key areas that need to be under supervision.

Half-yearly or annual threat analysis in organisations is a feasible solution. This may vary based on the frequency of changes, upgrades, and add-on in one’s product or service. A Vulnerability Assessment and Penetration Testing (VAPT) may be conducted. Security teams can then review the same for any major release, to affect changes in the platform or interface with cloud infrastructure.

To relieve businesses from insider threats, certain SOPs can be established. They may be supervised by a threat assessment team that reviews all these possible challenges on a regular basis. For the end-users (websites and products), the consent-driven notices must have clear and transparent instructions.

With respect to governance, there is a need for surveillance laws and robust guidelines to reduce bias in AI systems. The laws and regulations like the GDPR and PDPA are some critical steps to encourage best industrial practices and ensure comprehensive safety. But the onus lies on the organisations to form a structure, culture and processes to enforce appropriate practices and standards.

What are the new directions software integration is taking in 2021?

Kunal - Remote work only increases the chance of breaches as we become more and more dependent on the digital for our personal as well as professional lives. We are witnessing an increase in Bring Your Own Device (BYOD) across the globe. On one hand, it welcomes benefits like an increase in comfort and productivity. On the other hand, it reduces operational costs for the enterprise. However, it poses a challenge for IT teams across organisations.

With regards to this, organisations and service providers are shifting focusing on potential security threats of the present and the future. Proper device and access management will be crucial in ensuring the mitigation of security threats. SaaS setups have paved their way into multiple channels and businesses. Moreover, Hybrid integration Platforms(HIP) is an evolving stream that shall encourage a multi-cloud ecosystem. However, the potential challenges of such an ecosystem are to be evaluated.

Though we have a long way to go, the future of software integration looks forward to reliable, secure and adaptive discourses.