[et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”4.16″ global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_row admin_label=”row” _builder_version=”4.16″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_column type=”4_4″ _builder_version=”4.16″ custom_padding=”|||” global_colors_info=”{}” custom_padding__hover=”|||” theme_builder_area=”post_content”][et_pb_text admin_label=”Text” _builder_version=”4.16.1″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n
If only life were so simple! \u00a0 We have some clients that ask us about file security in the cloud as if the answer is an absolute.\u00a0 Of course it isn’t.<\/p>\n
![\"\"](\"https:\/\/new.kinetics.co.nz\/wp-content\/uploads\/2018\/09\/boycloud.jpg\")
Assuming we\u2019re talking about a reputable mainstream cloud, the answer is an emphatic \u2018YES\u2019, mostly. It makes sense that a major provider can afford to put multiple layers of expensive protection around their platforms that an average business just can\u2019t afford. The physical security will be mission-impossible impressive, and the digital security equally so.<\/p>\n
Businesses like Microsoft are very aware of how they have to earn customer\u2019s trust and they know that security is an absolute bottom line. They go to town on this! Likewise, they are (successfully) fighting regulatory authorities to make sure they don\u2019t hand over your data when the boys in dark suits and shiny badges appear at the door (which to be fair isn\u2019t really a concern for most of us).<\/p>\n
So, cloud services like Microsoft 365, Azure, Amazon and Google are reasonably secure. We know Microsoft the best, and we\u2019re very impressed with their file security.<\/p>\n
<\/p>\n
But, and it is a big BUT, people remain the biggest risk<\/strong>.\u00a0 We have already warned about this in terms of social engineering<\/a>. But it\u2019s generally mistakes or aberrant behaviour that is the biggest threat. Nothing is more frustrating than getting a call on Monday from a client \u201cJack (or Jill) left on Friday and I need to check if they copied any files and took them with them\u201d. Generally, that\u2019s a case of closing the door after the horse has bolted.\u00a0<\/p>\n So, the problem is the cloud makes it easier to access data anywhere, anytime. It\u2019s also incredibly easy to share files with external parties – which is great for collaborating on projects. That\u2019s it\u2019s great strength. But, its open to abuse. There are ways to monitor and alert for changes in your 365 behaviour such as<\/p>\n So we built this into our new KARE for Security\u00a0<\/a>service.\u00a0 It includes quarterly reporting on available alerting parameters, external identities, full mailbox rights and Azure group membership.<\/p>\n This is just the beginning. Office 365 includes a very rich set of file security and compliance tools. These range from a security assessment \u2018secure score\u2019 to a feature called \u2018Data Leak Protection\u2019 in which policies are created to protect content based on characteristics of that content. Setting that up varies immensely from business to business depending on their needs and we\u2019re very excited to work through the options that best suit you as mini-IT projects. The best way to start this is with our [wow_colorme]“FlightPlan”<\/a>[\/wow_colorme] that will define the requirements clearly.<\/p>\n The problem is that once data has leaked out, there is reputation risk and if you do have staff making errors of judgement, then the sooner you can identify it and address it, the better. \u00a0 You can cause people to cease before harm is done, and if there is a data breach, you have an obligation to report it, often with pretty severe penalties if you don’t.<\/p>\n KARE for Security<\/strong> complements your existing maintenance contract with an enhanced security package, designed for the modern cloud-anywhere world. It\u2019s a mixture of tools that go beyond traditional IT support to help you harden your ICT against intruders.<\/p>\n What more can you do? \u00a0 Cert NZ is the NZ Government Cyber Security unit – it’s worth reading their top recommendations – https:\/\/www.cert.govt.nz\/it-specialists\/critical-controls\/<\/a> – you’ll see that a Kinetics KARE plan helps you minimise your risk<\/p>\n <\/p>\n <\/p>\n <\/p>\n [\/et_pb_text][et_pb_code _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n\n
What is the risk?<\/h2>\n
Want to know more about how Kare for Security can enhance your protection?<\/h2>\n