Are you keen to fully migrate to the cloud and offer your workforce more productive mobile working opportunities, but concerned about the risks to your data security? If so, you’re certainly not alone.
With employees largely unaware of best practice for using unsecured SaaS apps, and compliance requirements becoming more urgent by the day in the build-up to GDPR, many organisations are understandably extra conscious of the need to protect themselves.
Fortunately, it’s now easier than ever to safely enjoy the many benefits of cloud-based data storage without having to fret over those commonly exaggerated security risks.
Of course, with no cloud security strategy and none of the necessary measures in place, your corporate data will be left exposed. But if the right processes, policies and controls are established, this doesn’t have to be the case.
Four steps to securing your data:
1. Require multi-factor authentication (MFA)
Multi-factor authentication (MFA) is now being offered as part of the service provided by most cloud providers. Much more secure than the traditional username-and-password authentication method, MFA combines something you know (password) with something you own (mobile phone) or have (biometric).
If a cybercriminal is to gain access to your password, it is extremely unlikely that they’ll also have access to your mobile phone. With a significant number of accounts guarded by duplicate passwords (73% to be exact), MFA can remove any associated risks.
2. Set appropriate security policies
One of the biggest concerns organisations will have when moving data to the cloud is the greater number of unrecognised devices and locations it can be accessed from.
One way this issue can be resolved is with Cloud App Security (CAS). Offering comprehensive risk reporting on who’s accessing data and where from, CAS will allow you to set up a range of security policies which filter suspicious activity and block access from untrusted IP addresses.
CAS also allows you to classify and categorise apps and data according to type and risk level, making it easier to ensure you apply the appropriate data protection policy in each case.
For a more detailed look at the tool’s features and capabilities, watch our three-part series of Cloud App Security demo videos.
3. Establish conditional access rules
As technology innovates to meet evolving security demands, enterprises have more sophisticated options than ever before for granting and denying permissions to access data. Applying access controls to company data is one of the most effective ways of ensuring it can be easily accessed by employees and collaborators, without being exposed to malicious outsiders.
Azure’s recently expanded conditional access controls will specify which data has been accessed, based on recognised users, permitted locations, and compliant devices.
The platform also utilises machine learning to continuously monitor risk events in real time, identifying the point of access by IP address and time and prioritising alerts according to the evaluated level of risk.
4. Encrypt data at rest and in transit
Last but by no means least, it’s important to encrypt sensitive data. This must be done both when data is at rest (i.e. not actively moving between devices or networks), and when it is moving in transit from one location to another via a private network or the internet.
Although it’s sometimes thought that data is only exposed and at risk when in transit, it’s essential to protect it in both states. The two carry different risk profiles, but ultimately attackers will be just as motivated to breach valuable data stored on a hard-drive as that being sent from one network to another.
Watch our SPE webinar to find out what technologies inside Microsoft’s Secure Productive Enterprise suite can help you protect data in the cloud.
Take the Cyber Security Assessment to learn how well your organisation currently protects data, and receive a tailored report with recommendations for how you can improve your approach.