Small Business Cybersecurity Cloud Conundrum

Cybersecurity

The U.S. business landscape shifted in early 2020 when Covid dispersed workers into the remote workforce. From a small business cybersecurity standpoint, there were multiple immediate impacts, some direct and some far more nuanced.

The most direct impact was that companies suddenly had a massive number of new remote offices. From a cybersecurity perspective, these remote sites differed from familiar office setups. No, these new remote sites didn’t share much in common with each other. They would be leveraging different carriers, using different routers. Each location has varying devices, patching levels, and technology setups.

These new remote sites often gave access–often unauthorized access, but access nonetheless–to children and other security risks. These systems may back up to consumer-grade backup firms, putting both security and compliance at risk.

That was the first change that pushed companies into using far more cloud environments. A move to the cloud would theoretically bring back consistency, which is necessary to have meaningful security and compliance.

The second factor that increased cloud usage was indirect. During the initial phase of the epidemic, businesses had to vacate their premises, leaving on-prem systems unmanaged.

Since early 2020, businesses rapidly shifted data storage to the cloud

But between remote sites and the emergency abandonment of many on-prem operations, those companies sharply accelerated their gradual plans to move more and more data into the cloud. 

This massive cloud movement introduced a lot of SMBs to the reality of large-scale cloud deployment. On the plus side, there were improvements in scalability and cybersecurity. Clearly, there are good and bad cloud providers in much the same way that there are SMBs with excellent cybersecurity and some with much weaker cybersecurity. That all said, it’s true that the vast majority of SMBs experienced a very substantial boost in security and scalability with their cloud move.

That fact also leads us to the biggest cloud challenge. Although it is true that cloud platforms typically focus extensively on cloud security, the nature of a big cloud host means that its decisions are generic. Its configurations, for example, are perfectly fine for most companies doing typical data projects, but the trick of cybersecurity is fine-tuning an environment for one specific business: yours.

It needs to factor in your company’s size, your vertical/verticals, your current profile, your imminent expansion plans, your compliance position, and critically, your threat landscape (meaning who is trying to attack you and what techniques are they using).

That onus typically falls into the to-do lists of the business’s IT or security staff, assuming that the SMB has either/both of those. But rarely do those teams have the time and resources to do that customization. It gets worse. Many cloud environments will change their own configurations–and yours, right along with it–every day and the cloud staff will never tell their customers/cloud tenants that they made the changes and certainly not what those changes were.

Where does this leave SMB executives? The move to the cloud is the right choice. Beyond cybersecurity strengths, compliance, scalability, and uptime robustness, the typical cloud can deliver far superior ROI. This is simply a factor of the cloud’s scale. Not only can their systems handle your vast amount of data for fewer dollars than an SMB can, but they can absorb the cost of a 24×7 team of highly trained personnel watching your systems around the clock. If your business gets hit with a D-DOS (distributed denial of service) or ransomware attack at 2 AM on a Saturday, you’ll be glad that you can reach your cloud team and know that they are fighting on your behalf.

It’s not the move to the cloud that is in question. The question is which cloud platform makes the most sense for your business. Here are some things to consider:

  1. Does this cloud platform take the time to understand my business, my plans, and my threat landscape?
  2. Does this cloud platform have the ability to use that information to adjust its configurations and options to maximize security and efficiency for my business?
  3. Does the cloud platform keep in touch with you, asking continual questions about your business so that they can configure settings to handle your current needs–as opposed to what your needs were five months ago?
  4. Is the cloud platform focused on businesses like yours or are most of their cloud tenants $50 billion enterprises?
  5. When you need help, how responsive are they?
  6. Test their customer service/technical support team before signing a contract. How quickly do they answer? How easily do you find them to talk with? Do they take the time to understand your immediate need or do they seem to be reading from a script?

Here at Towner, we are happy to report that our teams are trained to handle businesses just like yours. Simply put, it is our job to focus on your IT so you can focus on your business.