Security and Compliance in the Cloud: Fact and Fiction

Post Date: 04/05/2018
feature image

The cloud offers the combined resources and finances of hundreds of thousands of organizations, but why does that give it a chance to be more secure than on-premises infrastructure? And what considerations do you need to keep in mind when you plan your move? In this Speed of Technology Podcast episode, AvePoint’s Jay Leask (Federal Solutions Architect) and Craig Jahnke (Strategic Advisor) introduce a new series of content around Security and Compliance in the Cloud.   


Be sure to check out Craig and Jay’s podcast, “On the Spot” 


IT organizations are moving their companies to the cloud at a much faster pace in recent years to save costs and be more agile.  From moving to Office 365 for email or Amazon Web Services for distributed content, to “Joe down the hall” using Dropbox to share files with people across their company, almost every organization has at least one foot in the Cloud.

Now that IT departments are comfortable with the Cloud, they are preparing to move full systems like Exchange or SharePoint – below are five top-priority things your organization, and you as an IT manager, should consider when moving to the Cloud:  

  1. Readiness Assessment – Why are you moving to the Cloud, what are your priorities, what is your plan and how will you manage it? Inventorying what you have is a good place to start.  You need to know what you have and what systems are dependent on each other before you can begin to move anything.  What data do you have?  Scanning your data is important, you don’t want to move PII data or confidential information.   
  2. Vendor Evaluation – Who is best for what you need them to do? What are their SLA’s? What will they help you with? What do the charge?  Azure, AWS, Google, and IBM all have strong Cloud offerings, but each have unique strengths and weakness. You want the one that is best for your business. If you’re an international company, GEO location of data centers might be important.  What tools do they have to ensure your data is being kept in a secure and compliant manner?
  3. Training – Going to the Cloud is a big shift in how users accomplish their job.  You want to enable them to be as productive as possible from day one; creating places for your users to put data that are secure while making it as easy as possible to do the right thing. This will help eliminate Shadow IT and reduce risks across your organization. 
  4. Governance Automation – You want to make sure you are doing everything possible to make it easy to manage your Cloud environment.  Tools should enforce security permissions and company policies, eliminating end-user complexities that come with new solutions.  Automate as much as possible and allow your staff to focus on improving processes essential to your core business.  Think strategic instead of reactive.  
  5. Reporting – Good reporting is essential to Cloud management.  You want to make sure you are using your resources wisely.  Everything in the Cloud costs money, so you want to be able to scale back resources when necessary.  You also want to be aware of what your users have access to and what they are using regularly so that you can focus both on security and productivity.  You want to enable them to do their jobs as effectively as possible in the most secure environment as possible.  In the compliance world, it is not enough to be compliant, you must be able to prove your compliant.  

The above is a summary of a podcast from Jay and me. Check out the full transcript here or listen below! Also, be sure to subscribe to AvePoint’s blog for he latest in all things Office 365, SharePoint, and more!

Share this blog

Subscribe to our blog