Posts

Managed Cloud Security: 7 Ways to Keep Your Cloud Environment Safe

Managed Cloud Security ServicesIn a recently published report, one of Forrester Research’s five key cloud predictions is that cloud management providers will tackle cloud security.  With the Capital One breach, the first major breach in a public cloud, the industry has a new focus on security and public cloud services. Small and midsize businesses (SMBs) are more likely to use public cloud managed services over specialty providers and private clouds. As such, SMBs need to focus on cloud management.

What is managed cloud security?

Managed cloud security refers to the practice of outsourcing the security management and monitoring of a business’s cloud infrastructure to a third-party service provider. This includes the implementation of security measures such as firewalls, access controls, and intrusion detection systems, as well as 24/7 monitoring and incident response. With managed cloud security, businesses can ensure the security and integrity of their data and applications in the cloud, while freeing up internal resources to focus on core business operations.
Managing cloud security risks involves a multi-layered approach to ensure the security of a business’s cloud infrastructure.  Effective cloud management can prevent holes in your security protections and save you money.

Cloud management, as a practice, formalizes access, licensing, usage, security, and spending for your cloud services. Instead of focusing on each cloud application or service independently, Cloud Management as a practice oversees and manages the big picture.

Seven key components of Cloud Management are:

  1. Document which cloud services are needed and used based on each person’s role within the organization
  2. Based on need, determine the level of access for each person/group based on their roles and responsibilities
  3. Understand and document subscription and licensing rules for each service, to ensure you can optimize subscriptions and spend
  4. Create standardized on-boarding work flows to ensure new employees and those changing roles are
    • Provided access to only the cloud platform services they need
    • Are assigned appropriate access to features, functionality, and data within each system
    • Access to data is consistent across cloud services
  5. Create standardized off-boarding work flows to ensure:
    • All cloud services accounts are deactivated, preventing orphan accounts from being left open
    • Data within each cloud service is archived or transferred to other user(s), preventing data loss
    • Cloud subscriptions/licenses are modified to prevent unnecessary costs
  6. Track licensing and subscriptions to:
    • Adjust your subscriptions to match your need, as allowed by each cloud service
    • Identify and remove unused licenses
    • Understand and manage your spending
  7. Actively search for, identify, and manage use of unauthorized cloud services to:
    • Minimize or eliminate “Shadow IT” risks with respect to security, data loss, and compliance
    • Identify and move users from duplicate services to authorized services
    • Provide training on authorized apps and services, preventing the need to use other services
    • Identify cloud services needed or wanted by staff, but not yet available through and authorized app or service

By applying the basic tenants of cloud management you can reduce your security risks, optimize your services and licensing, and better manage your spend.

FAQs

What are the three key areas for cloud security?

  1. Data Security: This involves protecting the confidentiality, integrity, and availability of data stored in the cloud. It includes measures such as encryption, access controls, and data backups.
  2. Network Security: This involves securing the network infrastructure used by cloud services, including firewalls, intrusion detection/prevention systems, and virtual private networks (VPNs).
  3. Application Security: This involves securing the software applications running on the cloud infrastructure, including secure coding practices, vulnerability management, and web application firewalls.
By focusing on these three key areas of cloud security, businesses can effectively address the most critical security risks associated with the use of cloud services.

Cumulus Global offers Cloud Management tools and services.  Contact us for a free, no obligation Cloud Advisor session to learn more.


 

The Curse and Blessing of Office 365 Licensing

Office 365If you ask IT pros about Office 365 licensing, they are likely to roll their eyes.

If you ask which license is right for you, the conversation will likely start with a heavy sigh. Microsoft has 6 primary Office 365 license options for business, several add-ons, a number of special-purpose licenses, and over a dozen stand-alone and value-add products.

The Curse is Confusion

Between the number of options and the frantic rate of new features and updates, we are not surprised when companies complain that picking the “right license” is confusing. You end up bouncing between tabs and browsers, comparing feature lists that never seem to have enough detail. You struggle to find which add-ons work with each license type. You may not even know where to look for specialty licenses that can save you money. And with the rapid growth of features and functions, you wonder if the web pages you scour for information reflect the latest updates and options.

The Blessing is Customization

You can escape the confusion. And, in doing so, you can customize your Office 365 licensing plan to best meet your needs. With “too many options”, you can mix and match licenses to the needs of your users. You can tailor the feature sets for groups of users and lower your average cost per user at the same time. You can decide when to rely on built-in features or third party solutions to meet specific business requirements. You can decide which users get add-ons and which do not.

The Key is Understanding

The good news: with guidance and understanding of the Office 365 and Microsoft 365 licensing structures, you can plan and implement subscriptions that meet your organization’s needs at the most affordable cost. By looking beyond Microsoft-only options to select third party tools, you can mix in lower cost licenses without sacrificing compliance, threat protection, telephony, and needed features. You can map out a strategy that enables hybrid computing and services and capabilities move to the cloud over time. You can integrate your cloud an on-premise environments into a seamless service.

The better news: you do not need to gbecome an expert.  Our Cloud Advisors, backed by experts from Microsoft, are ready to assess your needs, explore alternatives, and design solutions options. You gain understanding and select the option that best fits with your needs, priorities, and budget.

Your Next Step is ….

If you haven’t settled on a Office 365 or G Suite as your cloud suite, or if you think you should change from one to the other, your next step is our Which Cloud Analysis.  You complete a comprehensive survey and we provide a formal report that assesses your needs and environment and provides specific recommendations. We will also schedule a Cloud Advisor Session to review and discuss our findings and recommendations.

If you have decided, or currently use, Office 365, contact us to schedule a Cloud Advisor Session to review your environment and needs.  We will help you assess, plan, and implement a solution that delivers the value you want and need.