8 Network Security November 2017 FEATURE In addition, new unified communications and other office productivity applications can also be integrated with existing cloud- based solutions. This ensures efficient, lean and effective business processes as compared to an on-premises solution. Cloud-based email infrastructure sys- tems such as Google’s Gmail, Microsoft’s Office 365 and Amazon’s Simple Email Service are no exception to this cloud advantage and these solutions have also witnessed a huge increase in global usage and user base. Cloud-based email infra- structure resolves operational cost issues, revenue loss, business disruption, scalabil- ity, employee productivity and IT sup- port complexities that are typically associ- ated with an on-premises email server. However, mitigating cloud-based secu- rity risks requires the service providers and corporate users to adopt a universal of security is to engage with an ethical hacker. Penetration testing will expose any vulnerabilities in the system and real- ly show the risks of what could happen should those vulnerabilities be exploited. It can also highlight any potential net- work availability issues and help to reduce the likelihood of unexpected downtime, or loss of accessibility. Awareness of these issues ahead of launch will help organisa- tions maintain the trust of their users, as bad management of a cyber assault or data breach could mean stakeholders might withdraw their interaction with the app, or even the brand entirely. Penetration testing isn’t just beneficial, it’s often mandatory. Many industry and legal compliance requirements dictate certain levels of testing. A well chosen penetration testing company will not only help companies adhere to these, but also provide extra accreditations. Finding the right host On-premise was historically thought of as a secure host: however, the evolution of cloud has now pushed it into being an outdated, time-consuming and expensive option. Even if companies can accept these disadvantages, they may not be able to come to terms with the security risk on-premise poses. Aside from the oppor- tunities it offers to hackers and thieves, the risk of employees losing or breaking the machines on which vital data or cod- ing is stored is enough to make on-prem- ise a significantly less secure option. Yet despite the increase in the use of cloud hosting, there are still some security fears around public cloud-based hosting. The word ‘public’ is partially to blame here as it implies that everyone and anyone can gain access. In actual fact, although a public cloud will store servers together in the racking of a datacentre, each company’s information is segregated in a very secure way. Public clouds are more secure than most organisations realise, as due to the extreme security requirements, providers will only employ the best security experts available to protect their service and repu- tation. Public clouds are also harder to hack than private clouds or an on-premise option, as they are continuously thwart- ing threats, giving them more experience and ensuring they are ready to tackle any attacks. From a technological perspective, public clouds are also updated more regu- larly than any other host and often for a fraction of the cost, so they offer more security and less expenditure. Conclusion Creating a truly secure app is a challenge for any size of business, in any location. To do so, organisations need to focus on leveraging the expertise of accredited, robust development specialists and pene- tration testing teams. Once the project is ready for implementation, the app needs to be contained in the right hosting environment to ensure that its security is continued. This process may take a little extra time – and even a little more cost – but the fact is that cyber-security threats are an everyday occurrence in today’s digital world. And in the rush to get an app to market, can any business really afford to short-cut security? About the author Nick Thompson is the owner and manag- ing director of DCSL Software, a bespoke software development company originally established in 1994 and which he purchased four years ago. Akashdeep Bhardwaj Security challenges for cloud-based email infrastructure Akashdeep Bhardwaj, Sam Goundar Over the past few years, the recognition and acceptance of cloud-based applications has gained a lot of momentum. Commercial applications that were initially installed inside corporate on-premises server rooms are now hosted on cloud infrastructures. Software applications are provided in the form of commercial services that are accessible anytime, anywhere. Cloud- based solutions also eliminate the need for regular maintenance-related activities, unnecessary downtimes or outages, attention to back-ups or regular infrastructure upgrades. Sam Goundar