Cloud Compliance and Cloud Security – these are heavy, but important, topics when considering a transition. In this article, we aim to explain the difference and why you need to be covered in both areas. As a Microsoft Partner, Prone 2 Dream Technologies can assist in setting you up for success right from the start.
No matter what size your business is, from solopreneur to enterprise level, transitioning into the Microsoft cloud provides a wealth of benefits. When it comes to cloud compliance and security, there is no better ally than Microsoft. Their layers of protection, the tracking mechanisms, the investigative abilities, AND an assurance of risk mitigation in the event of data breach is a guarantee like no other.
If you are in Healthcare for instance, Microsoft will sign a BAA (Business Associate Agreement) with you. It is their brand promise of security infrastructure. It is their guarantee that should your company come under legal scrutiny, that they will produce the documentation and the forensic evidence to show how the breach happened, when and with whom. This legal guarantee is an insurance policy that saves organizations millions of dollars.
Most businesses fall into some governmental regulatory area where they must comply with industry-specific federal laws. Healthcare must comply with HIPAA laws to protect patient data. PCI laws protect credit card data. FedRamp governs financial markets. And many more.
A cloud compliance management program needs to attest that you are compliant with applicable laws so you can gain the trust of your clients and industry colleagues. At any given time, your company must be able to download an audit or assessment that is documentation of your compliance, should any questions arise.
The Microsoft compliance manager is a very robust system. While it can look overwhelming at first, it is a user-friendly, collaborative effort. Microsoft asks for the needed input, essentially walking the user step by step through the set up. The system tells you your progress each step of the way. As the data is transferred into the cloud compliance manager, the responsibility is shifting to the shoulders of Microsoft. This is the trust center – your data under the layers of protection promised by Microsoft, to which you have access at your fingertips.
Microsoft also offers hybrid situations, as some migrations simply need to be stretched over time. For example, you may be running a client server software using Windows Operating Systems. The transition to the cloud would need to run simultaneously with the on-premise server. Using virtual machines (VMs), we can bring a client server dependent architecture into the cloud. Putting the client server on the VM frees it from the on-premise IT closet. This is a very seamless way to run client server software in the cloud, while reducing your total cost of ownership. You don’t need to purchase new hardware when it’s time for an update.
The Trend Toward BYOD – Doesn’t that increase risk?
BYOD (Bring Your Own Device) is a strategy being deployed more and more often as technology advances. This strategy, too, benefits your company by reducing the total cost of ownership – in this case the expense of desktop computers, laptops, and mobile devices. The old way – companies use their purchased devices until they finally die. Have you ever onboarded to a new company, only to be offered a 10-year-old laptop? Think about your brand – this is not the Day 1 “first impression” you want to make on a new hire!
Consider instead: The new hire is offered a cash bonus at signing, about half the cost of a new device, to be used to purchase the new device of their choosing. The employee pays the balance of the purchase and the ownership is theirs for the tenure of their employ and afterward. With Microsoft cloud technology, all company data on that device is being tagged and tracked. If any company data is downloaded off the device, your business will be alerted when that is happening. However, if you’re using an on-premise server, and your employees are using their personal devices for work, data leaks may be going on now with no audit trail.
If you are in the Microsoft cloud and the employee leaves the company, it is no problem at all. Microsoft simply wipes the company’s partition off the device (“Selective Wipe”) all of the company data is eliminated or rendered “unusable”. Not so simple if you’re using an on-premise server.
The cloud Security Center is completely different than the cloud compliance manager. This is the area that watches over threat management.
> Who’s attacking my company?
> What are they phishing?
> Who are they phishing?
> Where is this coming from?
> What do I need to do to keep from being attacked?
Your Microsoft Security Center is on high alert for this type of threat, fending it off, and tracking it for you to see at any time.
How Prone 2 Dream Technologies helps
As a Microsoft Partner, Prone 2 Dream is your bridge to Microsoft cloud compliance and security. Our role is to demonstrate that Microsoft is taking care of everything – securing your data and making it available only to your company constituents, as you direct. We want you and your team to feel the confidence and trust in Microsoft.
We can explain Microsoft’s complex infrastructure and how your company has its own private, yet powerful, space within. Contact us today for a complimentary assessment of your current system and how to transition smoothly to the cloud.