In the changing age of always-on, always-connected devices and the push towards the cloud, a common question that is brought up ‘How secure is the cloud for my business?’. With SMBs becoming a bigger target to cybercriminals, it is important to evaluate the security of your IT systems regularly. This article should help to answer this question and provide an understanding of the considerations to keep in mind when using ‘the cloud’.
Many SMBs are still running on-premises servers, some may be due to requirements for core applications, for others it may be due to legacy understanding on security and technology.
Although the traditional On-Premises server might make you feel more comfortable, given that you can physically pick it up in the case of emergency, the hidden costs when it comes to keeping the servers running (electricity, cooling, security, hardware maintenance etc) is becoming uneconomical and less secure. This can place a huge burden on a company’s budgets (even if this is outsourced to a managed service provider).
This is where the cloud does come in to its own. It opens the opportunities for SMBs to obtain access to Enterprise-Grade services that would normally be outside of the budgets for most. A great example of this is the capabilities provided in Microsoft 365.
Microsoft 365 provides not only a suite of productivity and communication tools that are of enterprise quality, but they also provide security services that are bundled into the suite which provides a great value proposition. Microsoft have, and continue to invest billions of dollars every year in research and development of their security offerings which provides a great deal of peace of mind.
However, though the Cloud may seem like an easy solution to resolve security, businesses are not completely off the hook. The governance, policies and account security are still crucial in developing, implementing, and evaluating cyber security for any technology strategy whether it be on-premise or cloud based. The boundaries of responsibility for all cloud providers stop at the customer account, access permissions and security settings.
Some important points to consider when using cloud services:
- Is my password secure?
- Have I enabled Multi-Factor Authentication?
- Who has access to this data (other staff, shared with everyone, etc)?
- What other features can I enable to help increase my security posture?
- How am I backing up my data?
It is important to note that just because your data is in the cloud, it does not mean that it is automatically safe and protected. For example, you could compare the situation to installing CCTV in your house (cloud and its level of security) but leaving the door unlocked or a window open (account security, access permissions and security settings). Whilst all these great security tools are there and available, they do need to be adequately implemented into your business to be effective. Even more importantly your team need to understand their responsibilities when it comes to being cyber fit.
If you are using Microsoft 365, there are already security features included in most licenses that only need to be turned on. Your IT provider should be able to ensure you are maximising the potential of your license.
Other ways you can secure your cloud environment is by ensuring you have backups of your data somewhere offsite (not with the same provider you use for your Cloud). This way, if the cloud service has an outage, you can rest easy knowing your data is safe.
ONGC are a Gold Certified Microsoft partner with a large team of experts that are ready to help. It never hurts to get a second opinion, if only for peace of mind around your security.