In these times of adversity, the need for flexible working has accelerated cloud adoption across the board, even in sectors that have traditionally been ‘cloud-adverse’. Before COVID-19 was even a thing, many organisations had already started consuming cloud services such as O365. Lockdown has expedited that move and we have seen a large number of businesses quickly stand up things like MS Teams platforms, increase the use of cloud storage as well as use more online meeting tools, such as Zoom.
Whilst some may have been coerced into this change in attitude, the reality is that more of our customers are enjoying the benefits that come with cloud computing. In this article we are going to look at how we can make the most of this cultural shift, as well as the opportunity and risk that this presents.
The shared responsibility of public cloud security
First and foremost, when talking to a customer about moving to the public cloud, please make sure you are covering the shared responsibility of securing data and services that they are planning to put in the cloud. We have included articles on this in the past, however, here is a summary:
The provider is responsible for the security OF the cloud (think physical access to data warehouses, stopping spies from walking into these facilities with USB sticks etc), whereas the consumer is responsible for security IN the cloud.
The good news is Sophos can help here – whether it is a case of protecting servers running in the cloud with Intercept X for Server, or providing secure VPN access and securing network traffic with XG Firewall in Azure or AWS. Or it could be using Cloud Security and Posture Management (CSPM) tools like Cloud Optix to understand what your customers’ are actually putting in the cloud, that only the right people are able to access those resources, and ensuring from a compliance perspective all the settings are optimally configured to recommended best practice.
Migrating to the cloud just got easier
Whilst the cloud presents many concerns / challenges, I think we can all agree that these are far outweighed by the benefits. For those of you that have been working with Sophos for a number of years, how many times have you had to deal with a customer that hasn’t been patching and keeping their Enterprise Console server up to date? This means that customers aren’t protected by all the latest threat mitigations in our platform. Sophos Central does away with this risk. It is kind of like a customer moving from on-premise Exchange to Office 365 – life changing and invigorating!
We have just launched an updated version of our Central Migration Tool (CMT) that makes it even easier to migrate customers on-premise Enterprise Console (SEC) managed endpoints into Sophos Central. If the server is up to date, the files required to install the new version of CMT (v2.1) should already be on the server. New features include being able to migrate machines that have Tamper Protection enabled. Because we now use the more up to date ‘Thin Installer’ you can also make use of the advanced command line options.
Documentation is available here, and you can also find more information on the advanced command line options here.
Sticking on the subject of migrating to Sophos Central, the recent release of Sophos Mobile (v9.6) has introduced the ability to migrate settings AND managed devices from legacy on-premise Sophos Mobile Control (SMC) and Sophos hosted (SMCaaS) into Sophos Central Mobile. All without the need to re-enrol devices! This is a big deal, and the reason why a lot of customers already consuming these legacy products weren’t prepared to move to Sophos Central.
Documentation is available here, as well as a short video of the migration process here.
The biggest takeaway here should be that if you are talking to customers about the cloud, security should be a key priority. Also, remember to involve your local friendly Sophos Account Manager or Sales Engineer in the conversation!