According to the Oracle and KPMG Cloud Threat Report 2019, 72% of respondents feel the public cloud is more secure than what they can deliver in their own data center and are moving more data to the cloud. In fact, the advent of the cloud has seemed to have an altogether positive and outsized effect on small and midsize businesses everywhere, as it has made Enterprise-grade tools available at commercial-grade prices. Companies that were previously limited by the need to manage complex server and network environments to host applications, can now utilize state-of-the-art tools at bargain prices with nothing more than an internet connection. Yet this accessibility comes at a price, as cloud security is often overlooked and leaves sensitive data more vulnerable than ever.
In conjunction with selecting various cloud applications for operations, accounting & marketing, companies MUST begin considering the business risks and appropriate cloud security tools to manage them.
Multifactor Authentication (MFA)
Perhaps the most well understood and adopted cloud security feature of all, it is still surprising how many companies resist or ignore multi-factor authentication (MFA). MFA prompts the user attempting to log into a system to provide a second (or third) form of identification for access. In the case of Microsoft’s tools, and many others, a phone app will prompt the user to “Approve” or “Deny” an access attempt after username and password are entered. This means that without the user’s phone, the username and password are effectively useless to access that system. MFA can be rolled-out with minimal user disruption and little-to-no cost. Enabling it is an absolute must for any sensitive cloud applications.
Single Sign-On (SSO)
Single Sign-On (SSO) is a rare security feature in that it both significantly improves security while also improving user convenience and experience. With SSO, the applications that each user needs to have to do their job are identified and provided through a single dashboard. The user puts their password in once (verifies it via MFA if applicable), then can immediately see all of the apps in their user “ecosystem” from a single page. The SSO application automatically logs the user into all their applications with no need for the user to remember passwords. This can greatly improve the speed of adding or terminating users from an environment, as an admin can remove all access to all applications with one single password change!
Mobile Device Management (MDM)
Virtually every cloud solution on the market offers mobile device access, which complements the “always-on, work anywhere” world we live in. But as solutions become mobilized and accessible from anywhere, so does sensitive data. If a salesperson can access their entire contact list from their cell phone, and forward it on to their personal DropBox account, the company has lost control of its data. A critical way to address this is a Mobile Device Management solution. Microsoft has developed a solution called Intune that is bundled with several of its Enterprise Mobility + Security solutions. It allows administrators to quarantine certain data or applications and create rules around how they can be accessed. For instance, an administrator could create a rule that a customer list could not be forwarded, moved, emailed or screenshotted from a phone. Like SSO, if a user leaves a company or their permissions change, MDM solutions allow an administrator to easily and completely eliminate all access from users mobile devices.
As companies rush to take advantage of the tremendous benefits of the cloud, it is critical that they consider ways to protect their data as the threats to their business multiply. If you need guidance, Upward is here to help. Please reach out to us!