Reduce Cybersecurity Risk with a Secure-by-Default Enterprise Cloud

Doug Theis
Published

Is your organization facing a server or data center hardware refresh in the next 18 months? If so, you may be considering purchasing replacement equipment to put in your primary internal data center or colocation facility. You may also be considering enterprise cloud infrastructure as an alternative. The most common reasons that organizations choose cloud may appeal to you:

  • Operating expense replaces capital expense – The CFO likes the idea of predictable technology costs that do not trap capital that could otherwise serve the core business.
  • Pay as you grow – Pay for only the resources you use as you use them. Changes in the business can be mapped to incremental changes in cloud resources and associated costs.
  • Offload tactical IT work Many organizations would rather their IT staff spend time on supporting end users, applications and business initiatives.
  • Higher availability – The vast majority of cloud data centers have fully redundant power, cooling and staff to ensure the highest levels of uptime for your systems and applications.
  • Familiarity and Compatibility – Enterprise cloud platforms deliver VMware, Windows and Linux systems on highly redundant hardware, which is often exactly what your internal IT staff and your IT service providers know how to support.
  • Security – Organizations want to leverage expert security best practices to reduce the risk of an outage or a data breach.

While all the reasons above have merit, the majority of organizations we meet with are most concerned about how the cloud can improve their security posture and reduce organizational risk. Why is this?

Cybersecurity is a top risk

Most CEO surveys today rank cybersecurity threats as a top-five risk, regardless of industry type. CEOs care about data breaches and ransomware attacks because attacks have become so common, regardless of organizational size or IT staff expertise. CEOs know that a ransomware infection or a data breach can put the life of the organization at risk.

Security best practices are difficult and expensive to implement

Internal IT staff often struggles to maintain an up-to-date, standardized set of security best practices. Why? Keeping security systems running and updated with proper patches and policies is time-consuming, expensive, and difficult. New threats often require new tools or new security equipment. Few internal IT staffs can keep up with the ever-changing landscape of threats.

How can cloud infrastructure reduce the risk?

Infrastructure platforms like Expedient Enterprise Cloud (EEC) have best-in-class security features baked into the architecture, which enables a secure-by-default cloud experience. For instance, standard EEC security features include: Active Directory integration, micro-segmentation, data encryption at rest, multi-factor authentication (MFA), and role-based access control (RBAC). In other words, running your applications on a fully managed cloud platform like EEC can help you implement security best practices without having to evaluate security tools, purchase, license, implement, maintain, and update these tools.

In this scenario, your internal IT staff needs only to work with the cloud infrastructure provider to understand the catalog of security features, then work with the provider to select and configure based on the organization’s security posture. Co-management of security tools by an enterprise cloud provider like Expedient will free up your IT staff to focus on strategic projects and will reduce the ever-present cybersecurity burden on your staff and IT environment. Just imagine, your IT staff can take PTO confidently knowing that security will be handled while they are away!

What security expectations should I have for an enterprise cloud provider?

The best enterprise cloud providers deliver these security best practices as a standard part of their offering:

  • Multiple firewalls with automated threat management and protection – Firewalls define a secure perimeter to prevent access by bad actors and to alert you if someone tries.
  • Disk-based encryption at rest – All company data is encrypted on cloud storage, making the data even more difficult to read, even in the event of a breach
  • Multi-factor authentication (MFA) for administrators – Like an ATM card with a PIN, MFA only allows Administrators to access systems if they have a physical security token plus a passcode.
  • Network micro-segmentation – Limiting which servers can talk to each other limits systems access by bad actors even if a breach were to occur.
  • Logging and optional log aggregation of activity on computer systems with the ability to audit those logs allows forensic teams to evaluate what happened during a breach or an attempt.

Can’t I do the same thing internally?

Yes, you can implement similar tools internally but the cost of implementing the best practices mentioned above and their associated tools can run upwards of tens of thousands of dollars per year once you factor in acquisition costs, support, maintenance, upgrades, troubleshooting and continuing education. Why not let the experts handle it so that you can focus on your business knowing that your IT infrastructure is secure?

Interested in learning more about how Expedient Enterprise Cloud can increase your security posture while decreasing time-consuming security administration? Contact me for more information.

Doug Theis is the Director of Market Strategy in Expedient’s Indianapolis market focused on engaging with and improving the regional IT community through planning, sponsoring and attending community events, facilitating IT-focused continuing education opportunities, and sharing strategies, tactics, and research to help IT professionals stay abreast of best practices and industry trends. Connect with Doug at doug.theis@expedient.com and follow him on Twitter.

The best of Expedient delivered to your inbox.

Sign up for more technical briefs, stories, and special offers from Expedient.