By Pete Braithwaite, COO of KIT Online
Cloud services are inherently scalable, responsive and flexible. They offer huge flexibility – after all, workers are no longer limited to just a select number of pre-determined locations – and as competition for recruitment hots up too, this allows the net to be cast further afield to secure the right staff.
Movement towards the cloud will only continue to grow. In these unprecedented times, where many businesses have been hit hard by the events of the last 18 months or so, cloud offers an attractive way to scale as and when a business needs, with no capital expenditure outlay and a subscription model that many companies find appealing. You can increase – or decrease – your capacity to cope with the traditional sales calendar but also – and especially important in these times of economic uncertainty – are often able to do the same for the number of seats you are being billed for when it comes to licensing.
As many businesses will be looking to grasp the potential for a post-pandemic economic rebound, how important is the cloud? And how can businesses look to both implement and adopt a cloud-based approach safely and securely, especially when it comes to managing data?
What’s the future of cloud?
So, what’s the future of cloud’s role in enterprise? And what implications will this have on cybersecurity and cybercrime? Well, one thing is for certain – cloud is here to stay. It offers a flexible, cost-effective way of procuring the services required for running a business with a dispersed workforce.
Cloud security considerations should be an integral part of any business now. The National Cyber Security Centre has 14 Cloud Security Principles which cover the protection of data in transit, asset protection, individual data isolation and access security, amongst other topics. The principles are not dissimilar to on-premise cyber security principles but the widening of the access points to cloud services and effective outsourcing of data storage means that lax security can open far more opportunities for attack.
To maintain the safety of data, devices and staff too, businesses must provide continual education of users on best practice, current threats and the implications and consequences of these. All staff should know what is – and what isn’t – acceptable security-wise, and the company’s policy on document sensitivity and data access. For businesses to thrive and remain safe, they must seek to implement a security-first culture.
How secure is the cloud?
In many ways, the cloud is in fact safer than traditional on-premise solutions. If an individual device is compromised or becomes defective, data stored in cloud services is not lost and can be accessed from an alternative device. If a device is stolen, any local data could be remotely wiped to avoid it being used perfidiously.
Alongside this, operating systems on devices are changing to better accommodate the shift to cloud. Chrome Enterprise, for example, is built for cloud-first devices with additional security features that make management even of a mixed device estate much easier to administer and keep safe.
How can a business adopt cloud solutions safely and securely?
Firstly, businesses must ensure a robust device policy – even for BYOD (bring your own device). The management of the estate is critical.
Next, provide a verified whitelist of trusted software and services rather than allowing users to search for – and potentially use – insecure or similar services designed to ensnare unsuspecting users.
It’s also crucial that businesses make sure that employees are educated about the security protocols, permission-based access and sensitivity of documents.
Finally, all IT teams should still confirm that cloud partners have adequate security measures – the responsibility cannot be shifted 100%. As per an on-premise solution, admins still need to be able to check that the systems and data are safe, that the latest security patches have been applied and have live visibility on any immediate threats that have been detected.