For small and mid-size businesses, being able to move specific IT processes to the cloud is very appealing. Why? Because the cloud enables an easier path to the scalability of IT services on an as needed basis. This in turn means that the cloud is loved for cost control, as well as its positive effect on reducing complexity as well as the manpower needed to both operate and maintain core infrastructure.
While the cloud can open the door to many benefits, at the same time the technology could potentially undermine the security of your business. So, security first!
Managing cybersecurity in the cloud, your first consideration?
A key preliminary step for any SMB in considering a move to the cloud should be to weigh the impact it will have on the wider security of their IT infrastructure. It may be a good first step to audit IT Security capacity as the move to cloud-based services often goes hand in hand with changed or scaled up IT infrastructure demands.
Part of this “audit” could include an examination of processes and tools that can enable IT admins to manage security more efficiently company-wide. Within ESET’s B2B portfolio this functionality is addressed by our ESET Cloud Administratorplatform, which allows IT Admins to check devices, apply updates, review the status of the network and remotely install endpoint security on what is likely to be a diverse mixture of devices.
Below are some other factors you should look into before entrusting your business processes or data to the cloud. Included are key considerations if you are considering migrating administration of endpoint security to the heavens above.
Credentials
It's a given that you must thoroughly check the credentials of your chosen provider to understand what you’re getting, and what you aren’t. Regardless of what service you’re researching, remember security should always be considered.
Does the provider have a solid track record of security? Access, authentication and encryption should be considered must-haves. Also, look at whether or not the company has made a transparent commitment to cybersecurity, and check for a history of competent management. As a rule, you get what you pay for. You want to know that your provider has invested sufficiently into both expertise, quality hardware and security.
Encryption, yes you need it
You should encrypt as much of your cloud data and traffic as you can manage. This adds a layer of complexity and a little processing overhead, but not much (after you get it established); the peace of mind will be worth it in the end.
Why? Because putting your data and/or processing in the cloud means it is one step removed from your physical control. Since all that cloud content can add up to a lot of valuable intellectual property and sensitive information, you need to make sure you can control who can access it.
Don’t forget 2FA!
Your cloud provider may promise to look after your data, but that does not relieve you of responsibility for policing the access you authorize. It’s a good idea to limit access to specific individuals on an as needs basis and not simply leave the connection open for everyone to use. Consider two-factor authentication instead of merely relying on passwords.
As an SMB, the management of endpoint security administration via the cloud offers a lot in terms of usability and scalability, however, it is critical that your IT/Security Admin(s) retain strict control over access. Thus, the login to ESET’s SMB offering, ESET Cloud Administrator, can be protected by 2FA.
Across the spectrum of businesses, ESET’s endpoint protection products are highly rated for their low system impact (light footprint), cost effectiveness and high detection rates. These pluses are much enhanced by the easy access and comprehensive reporting abilities designed for small and medium business as delivered via the cloud.
To prove this point we’ve made ESET Endpoint Protection Advanced Cloud available for a free 30-day trial.
Once you’ve scaled your endpoint security via our user-friendly Cloud Administrator, you can turn your eyes to migrating other core IT business processes to the cloud.
Malware and the Cloud
Finally, and this should remain at the front of your mind, the Cloud does not possess special immunity from malware. Moving to the cloud does not end the need for protection. You need strong endpoint security on all devices that you permit to access your cloud.