After re-reading some of my recent blogs and scanning the wider media, it occurred to me that it’s easy to get the impression “it’s all doom and gloom” in cloud security and cyber crime in general. While the risks are clearly present and the threat landscape more complex than ever before, that’s far from the full picture. Many organisations are embracing the new levels of security required, and implementing new approaches to reflect how their businesses now work.

So this week, I want to share an example of how to benefit from the cloud while mitigating the risks. Guardian News & Media Limited (GNM), publisher of and The Guardian and The Observer newspapers, decided to implement Google Apps and Google Docs to provide the business with a range of new collaboration tools and realise the cost savings promised by cloud storage. As you’d expect, the nature of GNM’s business means that documents are constantly being shared outside the company’s domain with external writers, suppliers and other third parties – but it still needs to ensure visibility and have all of the necessary management, control and security capabilities. To support this, GNM talked to cloud security provider CloudLock, an EveryCloud technology partner.

The CloudLock solution provided visibility of all documents in the domain including detailed change reports, history and trends, plus the ability see sharing settings (internally and externally). It enabled full control of permissions – to add and remove collaborators, change ownership and access rights – while also providing exposure alerts. This approach not only provided GNM with the security protections it required but also enabled easier management of its cloud-based approach to collaborative working. Another point worth noting is that GNM had realised it was far more cost-effective (and faster) to buy a security and control solution that could be adapted to its needs rather than developing one in-house.

This is just one example, and there are many more, about how you can benefit from the cloud while recognising and avoiding the threats that new services can also bring.