Close this search box.

Six Things You Need To Know Before Moving To The Cloud


Going to the Cloud is like switching off your electricity generator and moving to the power grid. Cloud mobility and the Internet of Things (IoT) has provided businesses with greater flexibility in the services they offer and the improvement of processes behind those offerings. With the driving of Cloud based applications, primarily motivated by the benefits of the fast on-demand availability of big tech cloud providers such as Amazon AWS, Google Cloud and Microsoft Azure – new types of services are beginning to replace functions that were traditionally done in-house.

What is often missed is the reality that the increased use of cloud services is driving further breaches of unauthorized access of sensitive information in the cloud, resulting in costly data breaches. That’s according to a Netskope study conducted in partnership with Ponemon Institute.

We advise companies on strategic planning associated with migrating to cloud apps for business. Some of the clients we have advised include:

  • One of the ‘Big 4’ Australian Banks
  • Big Tech
  • Various ASX100 companies

Here are six points for thought you should know before investing in cloud applications:

1. Your cloud provider will say there are no security concerns – but actually there are

One primary issue of concern for all companies we have assisted was security and integrity of data. It turns out that they have good reason to be skeptical: for companies that did experience a data breach in the last year (31%), 48% suggested it was the employee who exposed data intentionally or accidentally using a cloud service. However, many don’t really understand that impact of human error as a catalyst for breaches.

It is not enough to have a reputable Cloud service provider. You need an expert to assess your existing business processes to ensure a second line of defence against data leaks.

2. Backup regularly, and keep them off site

Every business should have a business continuity plan. You need to understand what systems can go down, and how your business will manage if multiple systems go offline. Ensuring there is a management plan for crises and disasters is the bare minimum.

You also need to ensure your Cloud is backed up regularly, and those backup images are stored securely offsite a safe distance away. It is also best-practice to ensure those backups remain encrypted to avoid compromise, stored offline and require multi-factor authentication when access is required.

In the event of a crisis when your office space may not be available, your backup data won’t be affected and your employees will be able to log in remotely.

3. Design effective policies and procedures, and educate your staff on them!

Create an appropriate use policy for your cloud applications, which defines key terms, proper use methodology, details what is permitted, objectives and responsibilities. Effective governance is half of security. Your policies also need to demonstrate an incident response plan and which third party service provider you have engaged to manage threats should they become apparent.

Policies should also be reviewed annually, and processes should be audited by an external service provider to ensure integrity and efficiency.

Provide training material to employees that highlights the appropriate use policy, and for best practice, provide a regular training assessment to educate for proper practice.

If any high risk issues or breaches are identified in a period, the governance team should also schedule the policies for review and revise the training accordingly.

4. Don’t compromise on performance for your staff

Cloud services for your business also need to be ‘sold’ to your employees. Often, excessive firewalls and proxies will dictate how quickly you can access the Cloud. Even with multiple load bearing servers, medium speed internet connections might bottleneck at times with congestion. We prefer companies run a dedicated internet line from a different carrier between their network and Cloud provider. It’s often not much extra cost, speeds up connectivity considerably and offers a contingency plan should the original network connection go down.

5. Always stay compliant

Companies should keep in mind their legislative and regulatory obligations to keep data confidential or guarantee it’s not lost or destroyed. Many of these will translate into specific security requires or certification requirements.

When data is stored in the cloud, it is imperative your governance team assess the implications against the Public Service Act 1999, Freedom of Information Act 1982, Privacy Act 1988, Archives Act 1983, Evidence Act 1995, Copyright Act 1968 and the Electronic Transactions Act 1999.

6. Manage costs effectively

If your company grows quickly, or there is a genuine spike in demand, often there will be financial consequences associated with the change. Your business may have understood the costs for say, 100 user licenses, but if the company grows to 200 in a few years, the costs won’t exactly trend the way you might imagine.

If you are using multiple cloud service providers, it may be best to consider consolidating to one provider. To make the process easier, an external service provider like Gridware can assist with the migration.

At Gridware, we help our clients to think outside the box and move away from their legacy models to improve productivity. To get your business started on the Cloud, please contact us.

Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235


Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →



Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution



A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →