It may have been unconventional given the relatively nascent state of cloud-based security suites, but nearly two years after he decided to go all-in on cloud security PPK Group IT manager Simon Burley isn't looking back.
The decision came as PPK Group – a one-time property investment house that redirected its business into the provision of coal-mining services and equipment in late 2013 – went to market for a solution that would not only provide broad-based network security but would also protect a wealth of intellectual property such as patents, designs, and models.
Burley, who in a previous role had been an early adopter of Telstra's cloud-hosted BPOS productivity suite, had the rare chance to design an IT and security infrastructure from the ground up – and realised that a cloud-based security suite would offer many advantages over a morass of conventional on-premises tools.
“You don't get the opportunity every day to build an IT environment from the ground up,” Burley told CSO Australia. “Ultimately we wanted best of breed security that would protect users, including many in remote locations that are at the lower end of the scale when it comes to IT maturity.”
Exploring the market led Burley to Sophos Cloud, a broad security suite that had been launched just weeks early as that company's foray into cloud-based delivery. And while the suite was still in its early days, Burley saw that its centralised design and administration offered crucial benefits for PPK's fast-growing business.
“We need to manage the security landscape a lot differently now,” he explained. “Threats are just coming at us from all different levels, and we needed a solution that would match our needs as a business and scale up as it continued to grow. The functionality was initially low compared with an on-premises solution, but the maturity in the development roadmap was going to be aggressive.”
Nearly two years later, Burley's cloud hunch has proved to be right on the mark, with Sophos continually upgrading and expanding a security suite that has become so well-specced that “we are starting to see true parity with on-premise solutions,” he said. “As promised, the number of improvements and changes we've seen in the product has been significant.”
The solution's cloud architecture offers other “significant” advantages Burley added, noting that the initial setup process took just two hours. “We don't need to worry about managing on-premise appliances, local caches, firewall configurations and so on,” he explained. “We just manage configurations and policies, deploy the agents and it's as simple as that.”
The PPK deployment has exploded from an initial base of 15 users to around 120 users today, many of whom are working in mining environments where their devices are often underground and only sporadically online.
Even with such intermittent connectivity, however, the design of the cloud-based mobile device management environment means any configuration or policy changes are automatically synchronised to every managed device within a minute of the change being made.
“We get full visibilty into our assets and they only need to be connected to the Internet to get updated policies and to report back in,” Burley explained. “We've used a multitude of different tools in the past but we now get the same level of protection as we were getting on premise.”
Because the security controls are centralised in the cloud, adding new devices has proved simple even after PPK's acquisition activity in recent years, which included the March 2014 purchase of the COALTRAM mining equipment business from Diversified Mining Services.
“We have grown through acquisition and it has been easy for us to deploy this out to those newly acquired businesses,” Burley explained. “As soon as we take ownership we take those policies out to the devices and bring them under our control, then run a process for cleansing those machines before we bring them into our trusted environment.”Read more: Nearly half of Windows servers could expose entire network if privileged accounts stolen, study warns
“We spend a lot less time managing the solution and a lot more time focusing on our policies,” he continued. “Sophos Cloud has proven to be to security as Microsoft Office 365 is to email – and for me it's now second nature. The maturity, development, and features are so rich now that I wouldn't go back to managing an on-premises solution even for a larger deployment.”