By Daniel Cooper of Lolly.co

The mass migration from the office 9-to-5 provided a fundamental solution for businesses seeking to survive the disruption of the Covid-19 pandemic. And as the move towards remote working is fast-tracked, a number of opportunities – and a number of issues – has arisen, too. Socially distanced workflows rely heavily on the cloud, but the weight of the responsibility can give way to weakness in the face of cybersecurity threats.

Cloud migrations were once a pioneering move prior to 2020. Now they are a necessity to facilitate basic business processes. The overnight shift, as with all rushed decisions, brings a plethora of potential problems that leave a business vulnerable to cybercriminal activities. Data breaches, data leaks, and data loss are flagged as the greatest threats to cloud migrations. By putting in place protections that secure data, secure connections, and limit access to files for users, a seamless move towards remote working can also be impenetrable.

Such protections extend to private VPNs, password managers, physical 2FA keys, and a zero-trust policy for file access.

Virtual Private Networks – or VPNs – are typically called up as the first line of defense. Rather than allowing the migration of business data to the cloud via the internet, a VPN secures a private path cybercriminals pose no threat to. VPNs also protect online browsing activities, securing both internet and data protection on a number of different devices. However, the security provided by VPNs can only stretch so far. They cannot confirm the identities of those accessing the network, nor do they restrict the network access.

VPNs therefore must be used in conjunction with other options that plug the gaps in this security measure.

Password managers facilitate cloud migration not simply by providing more secure, stronger passwords for entire teams, but they also provide control to access for certain applications, websites, and files that need to be accessed from home. Shared passwords can be provided for select employees and removed if necessary, patching the holes in your security at a ground-level. These password managers should lead the organisation’s move toward refreshed security policies that are required for remote working.

However, password managers should be used alongside two-factor authentication to limit the risk of a security breach and protect the password manager itself.

Two-factor authentication is a secure method of confirming the identity of a user. By testing two pieces of information or ‘factors’, access can be far more secure, solving the issues associated with data protection measures such as VPNs. Alternative factors to passwords include a physical device such as a phone or a ‘key’, and a fingerprint or facial scan.

2FA keys also erase potential security breaches that poor password hygiene can typically leave data victim to. As passwords are easily breached by cybercriminals and can be used repeatedly, these physical keys provided by firms such as Yubico can ensure the right access to the cloud is afforded to the right employees.

Secure passwords and two-factor authentication can ensure only select users can access certain files, effectively locking down data. A zero-trust policy further strengthens this access. Data breaches and leaks are often as a result of cyber attacks fuelled by ease of access to data; this direct-to-cloud approach allows firms to eliminate any unauthorized access to data, ensuring they can monitor and control their IT environment.

Administrators can thus have full visibility and control over the individual users’ access to certain data. Zero Trust Network Access (ZTNA) follows several principles such as ensuring that communication with private applications can be secure regardless of the user’s location; guaranteeing access to individual resources is solely granted on a per-connection basis; and making sure all traffic to applications is fully visible to administrators.

A zero-trust policy pulls together the threads of these cloud migration security measures, ensuring that not only can the right users access the right data, but administrators can be sure that this remains true.

Each of these measures follows the basic tenets of data security and protection against cyber threats and attacks on a number of levels whilst also facilitating cloud migration. From basic security measures at the employee level regarding strong, secure passwords, to the overarching monitoring of who accesses what at the top of the business, data leaks, breaches, and loss can be eliminated. Not only can these protections provide for the movement from on-premises data to the cloud during the cloud migration, they can be scaled over time, too.

Employee access to certain passwords and files, for example, can be increased alongside changing responsibilities and decreased in response to a need for more secure data protection.

Arming against threats to business data requires a multi-pronged approach, especially as every measure comes with its own potential and its own problems. Satisfying the need for additional security measures in each creates an impenetrable barrier for business whether the employees are working in the office or at the dining table. The need for protection against cyber criminals will only escalate as attacks focus on the weaknesses inherent in cloud migration and cloud security.

The cloud migration process allows for a streamlined movement towards the new normal. Securing it is the next challenge.