I think the question most people ask me when I talk to them about cloud computing is “How secure is it?”
They have a really hard time believing that their information can be secure if someone else is looking after it. The reality is that information security can actually be much better in the cloud than what is taking place currently in most small to medium-sized businesses.
Cloud vendors take information security very seriously. It is not only your information that is at stake if something goes wrong; the reputation and the livelihood of the vendor are at stake as well. As most cloud-based applications are purchased on a monthly subscription basis, you, the customer, have the flexibility to move to another vendor or service if the one you are using is not performing. This ensures that the vendor is highly motivated to keep you happy with the service you are getting.
Google, one of the world’s largest providers of Software as a Service (SaaS), combines advanced technology solutions with industry-leading security practices to ensure customer and user data is secure. Billions of dollars in capital are invested to ensure the most secure, reliable environment for data and applications. In particular, Google focuses on several aspects of security that are critical to business customers:
- Organisational and Operational Security – Policies and procedures to ensure security at every phase of design, deployment and ongoing operations.
- Data Security – Ensuring customer data is stored in secure facilities, on secure servers, and within secure applications.
- Threat Evasion – Protecting users and their information from malicious attacks and would-be hackers.
- Safe Access – Ensuring that only authorised users can access data, and the access channel is secure.
- Data Privacy – Ensuring that confidential information is kept private and confidential.
So, with all of these controls in place, what is the biggest security risk with cloud-based applications?
In my opinion, one of the biggest security risks with the cloud is one that has existed for some time with conventional applications – the end user!
This is by no means the fault of the user; it is simply the case that most people do not fully understand how to conduct themselves responsibly online. It is like being given the tools to fix your car but not having the slightest mechanical knowledge. Most people know how to drive, but there are not many of us who can fix the car if something goes wrong. The internet, just like the engine of your car, is full of pitfalls for the uninitiated. Issues such as phishing scams, viruses and spam email, to name a few, can all be concerns to a business and can affect productivity.
These issues are prevalent in both on-premise software and cloud-based applications, but the big advantage of the cloud is the investment that has been put into technical controls to protect your data. Many of these controls are just not viable for some companies to put in place to protect their on-premise applications.
Most businesses nowadays use and rely on email to conduct their business. Unfortunately, this is one of the biggest areas targeted by phishing attacks. Phishing is the term given to the process of trying to trick unsuspecting users into disclosing personal or business information. Most people are fairly trusting by nature, so it is not surprising that many of these scams work. Scammers often send emails to unsuspecting users, purporting to be from a trusted source, and ask for account details and passwords or provide links to fake sites where you are asked to provide the updates.
A few years ago in the UK, a well-known security organisation conducted an exercise to ask people for their email password in exchange for a bar of chocolate. A staggering 45% of women asked provided the details and some 10% of men!
I imagine the results would have been remarkably different if they had offered beer!
They also asked the respondents to provide their date of birth and the contact details of their boss in order to go into a draw to win a trip to Paris. This was even more successful with some 61% of respondents providing the details. When people were eventually told that the survey they had just filled in had actually been part of a security awareness test, most were surprised, with some claiming that because the researchers looked so well dressed and honest, they seemed trustworthy and not in the least bit criminal.
Another recent trend is for scammers to compromise the accounts of unsuspecting Facebook users and send messages to their friends asking for money. This again hooks a lot of people, as they feel the request is coming from a person they know and trust. Scammers gain access to these accounts when users have simple or easily guessed passwords.
It is not just the internet that poses these threats; most people will provide their password details over the phone if they are led to believe they are talking to their IT department. The attacks don’t even need to be that sophisticated: physical security can also pose a problem, with numerous cases of theft of computer equipment from business premises. Would you be able to recover if someone made off with all your business computers while your office was unmanned?
This even happened to the cargo processing and intelligence centre at Sydney airport back in 2003 when two men dressed as computer technicians were given access to the data centre and spent the next two hours disconnecting two servers and wheeling them out on a trolley!
So how do we avoid becoming victims of these types of scams?
As mentioned earlier, there are a number of technical controls that can be put in place, but probably the most effective way to avoid this happening to you or your employees is through education.
This is where cloud computing can be of benefit. Not only do most cloud vendors invest significantly in information security controls, as is the case with Google mentioned above, but the solutions are also more cost-effective than on-premise software. This allows businesses to use these savings to provide their users with training to ensure they understand how to use the application and, of course, how to avoid the pitfalls of information and identity theft.
Cloud IT Solutions has extensive experience in cloud-based applications and security and can therefore work with your business to put in place solutions that are secure and protect your precious business information. We also offer a range of training courses, from application-specific training to the secure use of technology and how to avoid online scams.
If you would like to know more, please contact us to see how we can tailor a solution to meet your requirements.