Analysis

Why SMBs Need a Cloud Directory

By George Lattimore Posted March 1, 2019
Why SMBs Need a Cloud Directory

If you’re a business owner and you aren’t looking at how to springboard organizational growth with cloud technology, you’re giving the competition a leg up and a head start. The cloud is serving competitive advantages to anyone within the reach of a WiFi signal, and SMBs in particular are jumping to seize the opportunity. By harnessing the same power as Fortune 500 companies, SMBs are now able to forgo traditional capital expenses, operational costs, and management overhead in favor of unhinging their cash flow and maximizing employee productivity with best-in-class tools.

When SMBs begin adopting cloud services, however, everything from email, web applications, and WiFi become intertwined with on-prem resources like file servers, network switches, and laptops or desktops. As many SMB owners have realized firsthand, this creates a difficult environment to manage and a difficult workflow for employees to maintain on a daily basis. To make matters worse, employees are working remotely now more than ever, and accessing these on-prem and cloud-based resources in tandem can be a struggle for traditional IT management solutions.

No matter whether you can afford an internal IT team or outsource your IT to a managed service provider (MSP), this is where a cloud directory can shine as the “glue” that ties your business and IT security together. Once the cloud directory is up and running—centrally connecting your resource access, employee identities, and administrative policies—the cloud directory becomes the oil that keeps your business engine running smoothly and safely. Before explaining why SMBs need a cloud directory, though, let’s dive deeper into why SMBs are even moving to the cloud to begin with.

SMBs and The Cloud

Why the Race to the Cloud?

how can I increase agility with a cloud IdP?

It’s hard to deny the ripple effect the mass migration to the cloud is having across all industries. More than 50% of companies currently say their organization stores sensitive or confidential data in the cloud. From 700 SMBs surveyed about their 2019-2020 budget plans, 48% are prioritizing cloud computing, making it the second highest initiative behind the SMB mainstay, finance software. The next highest initiative? Data and information security. This is because leveraging the same technology as large enterprises means abiding by the same compliance requirements and defending against the same kinds of cyber threats.

Maybe you’ve been wondering if it’s really worth moving to the cloud when cyber attacks and data breaches are continually featured headlines across the news. Well, considering the business benefits of the cloud (explained below) and that 78% of SMBs are forecasted to have adopted the cloud in some capacity by 2020, the opportunity cost of letting your competitors move ahead should be calculated and taken seriously.

Business Benefits of Migrating to the Cloud

Taking a step back for a second, let’s be clear about some of the major business benefits that can open up for SMBs after migrating to the cloud. First of all, since cash flow is one of the most important aspects for growing a business, there are immediate cost savings and capital expenditure (CAPEX) reductions to gain. In terms of IT spending alone, cloud resources can decrease spending by 15% in comparison to on-prem hardware. Besides the basic on-prem hardware needed, such as WiFi or maybe file storage, the cloud can reedirect CAPEX expenses to operating expenditures (OPEX) through ongoing subscriptions. This not only saves money that would be spent on purchasing hardware, maintenance, and upgrades, it also refocuses cash flow on what’s most important for small businesses: fueling growth.

Beyond cost savings and cash flow, the cloud has been shown to spark increased employee productivity and organizational efficiency. As high as 86% of end users reported that web-based applications help them do their job better, and organizations as a whole can gain an 18% increase in process efficiency on average when they adopt cloud resources. Thanks to benefits like these, cloud technology is helping organizations increase their speed to market with faster project delivery. In fact, according to a Dell report, companies that invest in the cloud, big data, mobility, and security end up growing revenue 53% faster than their competitors.

So, what’s the downside here? As we’ll discuss below, SMBs who rush into adopting cloud services without a proper cloud directory for their security and identity management often run into serious roadblocks that leave their organization vulnerable. The good news is that with a cloud directory in place, each of these common issues can be dramatically reduced.

Overcoming the Obstacles with a Cloud Directory

tl_test2x

There’s no doubt the cloud is changing the IT industry and giving organizations of all sizes an express lane, but before you give your employees the green light, you should take a hard look at your infrastructure and IT environment. Are you mostly on-prem, cloud-based, or a hybrid? Do you have a directory solution in place? If so, how is it being managed, and who is managing it?

The reason for asking these kinds of questions is that it can help you avoid the business hangups and cyber security threats SMBs and major enterprises alike initially face as they migrate to the cloud. Common fears surrounding issues like data breaches, identity sprawl, password management, and compliance regulations can all be met head-on by implementing a cloud directory.

a) Data Breaches

For many reasons, identity security is not the most fun topic to discuss or even think about. Unfortunately, it’s simply impossible to ignore in today’s world. Considering that 446 million records were exposed in 2018 alone, it’s safe to say the threat is as personal as it professional. That’s enough records exposed for the entire U.S. population (and then some) to have been affected by a data breach in one way or another, and smaller organizations are increasingly falling into the crosshairs.

From 2013 to 2017, 85% of cyber security insurance claims were filed from smaller organizations, and in 2017 alone, SMBs were the primary victims of data breaches at 58%. How exactly does this link back to your employees’ identities? Well, 81% of data breaches in 2017 were the result of weak or stolen passwords. And why is this a big deal? As high as 60% of small businesses go under within six months of a cyber attack.

Thankfully, data breaches don’t need to be tolerated like some inevitable force of nature. While a cloud directory can’t slow down a hurricane or pacify a tornado, a cloud directory can provide the structure and fortification organizations need to defend against identity theft and data breaches. Whether you’re dealing with remote workers, multiple offices, Mac, Windows, Linux systems, or all of the above, a cloud directory centrally secures your entry points with layers of defense. These layers include things like full disk encryption (FDE), multi-factor authentication (MFA), password management, VLAN steering, SSH key authentication, and more.  

b) Identity Sprawl and Password Management

Identity sprawl can be defined as a “situation where a user’s identity is managed by multiple siloed systems/directories that are not synchronized with each other, resulting in multiple identities for each user.” While this may be more severe in larger environments, identity sprawl can be a real problem to avoid for any organization trying to maintain efficiency and scale their operations. As the number of cloud services grows, so do the opportunities for your users to create new logins on cloud platforms and various directories. According to Forbes, “Identity sprawl presents many opportunities for attackers who exploit weaknesses caused by unsecured devices, unsanctioned apps or various workarounds.”

To illustrate the issue, consider the various services and platforms your employees currently access: personal web applications (LinkedIn), SaaS applications (Salesforce), cloud servers (AWS), networks (WiFi), email (Gmail), and their computers (Mac/Win/Linux) just for starters. Then, take into account that the average user manages around 154 credentials a month and spends around 7.2 hours a year managing passwords in their daily workflow. Multiply that time by how many employees are currently in your company and you can see why there’s a real opportunity here to save time and money. Instead of laboring through dozens of logins and leaving unmanaged security gaps, a cloud directory gives your employees a secure set of credentials and lets them move efficiently and safely through their daily workflow. Your IT team or IT Service Provider can also set password requirements with constraints that include length, complexity, originality, and age.

c) Compliance Regulations

The compliance requirements as well as the penalties for not meeting them are continuing to rise for organizations across all industries. As stated in the EU law for GDPR for example, organizations can be fined up to 2% of their annual global turnover or €10 million (whichever is higher). For HIPAA regulations, which address health information specifically, federal fines can reach $50,000 per violation with a maximum of $1.5 million per year. By employing a cloud directory with endpoint protection, customizable security policies, authentication event logging, and secure user access to critical IT resources, your business can meet compliance regulations with confidence.

Where to Get Advice and Help with Your IT

An Open Directory is powerful

If you’re looking at migrating your infrastructure to the cloud, but aren’t sure which security technologies to employ or how various types of cloud services would work together, you’re certainly not alone. While one survey found that the majority (61%) of U.S.-based small businesses want to use more cloud services, almost three quarters of them are overwhelmed by the choices. In 2018, the top challenges of IT security SMBs struggled with most were surveyed as the following:

73%
Insufficient Personnel
47%
No Understanding of How to Protect Against Cyber Attacks
43%
Insufficient Enabling of Security Technologies
39%
Lack of In-House Expertise

Clearly, there are certain aspects of migrating IT security and infrastructure to the cloud where SMBs could use advice and a helping hand. For this reason, small business owners everywhere are outsourcing work to managed service providers (MSPs). A cloud-forward MSP can help you migrate to a cloud directory, safely and efficiently, and then provide identity management as needed. They can also help with the tricky, technical questions, and give valuable advice on what kinds of cloud services work best for your industry and office environment.

So, if you’re ready to get the ball rolling on migrating to a cloud directory, contact your local MSP. They’d be happy to answer any questions you may have and will gladly work with you to determine what is the best technology for advancing your business goals.