Locking down the cloud: Why security and compliance are sometimes overlooked | Quisitive
Solutions
Integration & Consulting
Help you move, operate, innnovate and thrive within the Microsoft clouds.
Application Development
Data & Analytics
Artificial Intelligence (AI)
Business Applications
Security
Digital Workplace
Infrastructure
Product Development
Technology
Explore the full list of technologies that our expert consultants can support.
Azure
Microsoft Teams
Microsoft 365
Power Platform
Dynamics 365
Power BI
Microsoft Copilot
Power Apps
Azure OpenAI
Sharepoint
Microsoft Fabric
Microsoft Sentinel
Azure Synapse
Windows
SQL Server
ERP Technologies
System Center
Microsoft Viva
Azure Virtual Desktop
Business Needs
Departmental solutions to ensure cloud and technology enablement across every area of your business.
Sales & Marketing
Operations
Human Resources
Finance & Accounting
Customer Service
Localization Services
Help you translate software so you can capture new business worldwide.
Language Engineering & NLP
Translations & Localization
Licensing
Experts in Microsoft cloud licensing and optimizing costs for your business.
Products
EmPerform
Provide people managers with flexible employee performance management software.
Velocity Insights
Monitor, analyze, and prioritize .NET, JavaScript or Node JS errors – all on one dashboard.
AgeChecker.net
Ensure local and federal compliance with our age verification tool for retail.
PowerGov
Engage citizens with a community development app for city maintenance and management.
MazikCare
Embrace patient-centered, collaborative care with our suite of real-time health solutions.
Care Path
Care Provider Link
Care Supply
Payer Matrix
Data Fusion
AMS
Deliver on your cloud strategy with a team that continuously monitors, improves, and optimizes your Azure environment.
ShopFloor
Empower production managers with cutting-edge manufacturing process management.
Spyglass
Take a proactive, continuous approach to optimizing your security environment and strategy.
Managed Services
Azure Management Services
Deliver on your cloud strategy with a team that continuously monitors, improves, and optimizes your Azure environment.
App Dev Program
Ongoing enhancements, app security, DevOps and reporting for apps running in Azure.
Data & AI Program
Operational support for running, monitoring and managing services for the Azure Data Platform.
Dynamics Program
Ensure the health of your Dynamics environments, optimize usage and encourage user adoption.
Digital Workplace Program
Optimize Microsoft 365 security, usage and user adoption with our digital workplace experts.
Security Program
Take a proactive, continuous approach to optimizing your security environment and strategy.
Power Platform Program
Get an extension of your team that ensures the health of your Power Platform.
Industries
Manufacturing
Education
Public Sector
Financial Services
Healthcare
Energy
Retail
Software
Resources
Blogs
Case Studies
Library
Newsletters
Events
News
Learning Channels
About
Investors
Leadership
Microsoft
Our Approach
Our Partners
Our Story
Awards & Recognition
Careers
Support
Contact us
Solutions
Back
Solutions
Integration & Consulting
Application Development
Data & Analytics
Artificial Intelligence (AI)
Business Applications
Security
Digital Workplace
Infrastructure
Product Development
Technology
Azure OpenAI
Microsoft Copilot
Microsoft Fabric
Azure
Azure Synapse
Azure Virtual Desktop
System Center
SQL Server
Microsoft Sentinel
Microsoft 365
Sharepoint
Microsoft Teams
Microsoft Viva
Windows
Power Platform
Power BI
Power Apps
Dynamics 365
ERP Technologies
Business Needs
Sales & Marketing
Operations
Human Resources
Finance & Accounting
Customer Service
Localization Services
Language Engineering & NLP
Translations & Localization
Licensing
Products
Back
Products
EmPerform
AgeChecker.net
MazikCare
Care Path
Care Provider Link
Care Supply
Payer Matrix
Data Fusion
ShopFloor
Velocity Insights
PowerGov
AMS
Spyglass
Managed Services
Back
Managed Services
Azure Management Services
Data & AI Program
Digital Workplace Program
Power Platform Program
App Dev Program
Dynamics Program
Security Program
Industries
Back
Industries
Manufacturing
Healthcare
Education
Energy
Public Sector
Retail
Financial Services
Software
Resources
Back
Resources
Blogs
Events
Case Studies
News
Library
Learning Channels
Newsletters
Investors
Back
Investors
Financial Reports & Results
Investor News
Earning calls
Contact
Contact us
About
Back
About
Our Story
Investors
Microsoft
Leadership
Our Partners
Awards & Recognition
Our Approach
Careers
Support
Search
Back
Terms of use
Privacy policy
Feature Image for Security and Compliance in the Cloud Blog, a lock sits on a circuit board
Locking down the cloud: Why security and compliance are sometimes overlooked
January 30, 2020
Bryan Blain
Security and compliance within the cloud are often overlooked. Learn more about why taking both seriously is essential to your cloud operating success.

As companies set about migrating workloads to the cloud, an important factor often gets lost, sometimes overlooked or misunderstood in the process: security and compliance.

It might come as a surprise to some, given the proclamation of cloud service providers on all the baked-in security and compliance in the platforms. Given increased cyber threats, how can companies run workloads in the cloud in an unsecure manner? The truth is, the reasons for not establishing secure and compliant workloads in the cloud are not nefarious or even irresponsible – in most cases, they are merely making innocent but incorrect assumptions

Companies know that the highly respected and trustworthy underlying cloud providers, such as Microsoft Azure, have advance and security capabilities, and therefore assume that their data is fully and automatically protected.

This is true, but only up to a point.

Think of it this way: if a building is equipped with state-of-the-art alarm systems and security cameras, but someone leaves the door wide open, the building is still penetrable to intruders. The same goes for the cloud.

Cloud providers have security and compliance capabilities, but to take full advantage of the platform security, you need to understand those capabilities and configure your environment on their platform accordingly and aligned with best practices.

Whether a company must adhere to HIPAASarbanes-OxleyFISMA, the Dodd-Frank Act, or ISO, it’s essential to find a cloud migration partner that has the experience to ensure that compliance is met and security is air-tight. Here are three ways to ensure that security is addressed correctly before, during, and after a cloud migration. 

1. Bake it in, don’t bolt it on 

We believe that security works best when baked into the blueprints of a cloud migration, not bolted on afterward, so we take all security and compliance requirements into consideration from the onset of an engagement.  

2. Don’t set it and forget it 

Once you’re operating in the cloud, you still need to keep security top of mind. Stay on top of any changes to policies, patches, and industry insights with the Azure Security Center. Rich with content, information, tools and processes, the Azure Security Center will provide a unified view of your cloud workloads while giving you the support you need. Don’t have time to keep up with changes yourself? Consider finding a partner that provides managed services to provide the support you need, and who understands the monitoring capabilities and needs in the cloud platform. 

3. Police your policies 

Having policies in place is one thing, but it’s also critical to ensure that they’re enforced to maintain the integrity of the secure and compliant environment you’ve set up. Make sure that each person accessing or contributing to data in the cloud is compliant and operating according to best practices. This includes following an established approval process and an audit trail to demonstrate that compliance is met. 

With data breaches on the rise – one report suggests that year over year, the total number of breaches was up 33.3%, and the total number of records exposed was up 112% between 2018 and 2019. Keeping security top of mind for your cloud migration shouldn’t be an afterthought; it must be a priority. 

Related posts
|
Read more
CFSA Case Study Feature Image - dc.gov logo
Infrastructure | 7 Dec
Quisitive helps CFSA Launch Kinship Navigator Platform
Read more
Infrastructure | 12 Aug
Greene Tweed Develops and Deploys Smart Factory with Quisitive
Read more
Infrastructure | 7 Mar
Discover 5 Reasons to Migrate SQL Servers to Azure
Read more