By David Shephard, Bitglass' Vice President of Sales for Asia Pacific and Japan (APJ)

Singapore is migrating to the cloud more quickly than nearly every other country in Southeast Asia. Through various initiatives, the Singaporean government is attempting to persuade more businesses and organisations to move away from the traditional, on-premises-only methods of performing work. To secure the country’s position as an advanced, technological nation, this migration is crucial.

The cloud is an incredibly helpful tool that can improve productivity, flexibility, and cost savings. However, it can be challenging to ensure that data in the cloud is stored and accessed securely. As such, organisations need to employ the below best practices for secure data access when they make use of applications like Salesforce, Office 365, and more.

1. Use secure passwords 

Many employees use a single unsecured password across personal and corporate accounts. Unfortunately, this practice makes it significantly easier for nefarious parties to steal corporate information wherever these unfit passwords are used. Because of this, organisations should require unique passwords of sufficient length and complexity for each of a user’s SaaS accounts. Additionally, requiring employees to change their passwords regularly – perhaps every other month – can provide an additional layer of security.

2. Authenticate all users

Credential compromise is a large threat to the enterprise – corporate usernames and passwords can be leaked by careless employees or stolen by hackers. To address this threat, organisations should employ multi-factor authentication, a method of verifying that accounts are being used by their true owners. In other words, organisations should require a second level of authentication (beyond a mere password) before allowing access to sensitive data. This may occur through an email, a text message, or a hardware token (a unique physical item carried by each user).

3. Secure unmanaged mobile devices

 

The rise of BYOD (bring your own device) has enabled employees to access corporate data from their personal mobile devices. While this increases productivity and flexibility, it also exposes the enterprise to new dangers. As such, organisations must secure BYOD, but do so with a tool that is simple to deploy and doesn’t harm device functionality or user privacy. This can only be accomplished through data-centric, agentless solutions – not mobile device management (MDM). With agentless security, organisations can protect data on unmanaged mobile devices in a timely, thorough, non-invasive fashion.

4. Take a proactive approach to security

 

As organisations move their data to the cloud, they often fail to monitor and protect it accordingly. They tend to adopt after-the-fact security that can allow months of data exfiltration before detecting threats or enabling remediation. In a world with regulatory compliance penalties, well-informed consumers, and hackers who can steal massive amounts of data in an instant, reactive security tools are no longer adequate. Instead, organisations must adopt proactive cloud security platforms that enable real-time detection of malicious activity. Failing to utilise such solutions can prove disastrous for an organisation’s security, finances, reputation, and livelihood.

5. Defend against malware

 

Because of the multitude of cloud apps and devices that store, upload, and download corporate data, malware can now attack the enterprise in more ways than ever before. For example, if an employee uses a personal device to upload a contaminated file to the cloud, the infection can quickly spread to connected apps or other users who download said file. Today, organisations need to deploy anti-malware tools that can detect threats at upload, threats at download, and threats already at rest within cloud applications. Defences must lie in wait wherever data goes. 

Now What?

 

For Singapore to become a cloud-first nation, a number of steps must be taken. Singaporean businesses and government agencies need to enable BYOD, understand the repercussions of breaches, adopt advanced cloud security solutions, and more. If the country is to solidify its place as a technological leader on the global stage, public and private organisations alike must make the journey to the cloud and take advantage of the above security tips.