Navigating Cloud Security: An Interview with Ashley Delph, Cloud Security Specialist at Deployflow

Companies understand the value the cloud can bring to their businesses. However, this opens up several vulnerabilities. According to recent statistics, companies devote 11% of their annual budget to cybersecurity. To overcome these barriers, a more strategic approach to digital resilience and cloud security is imperative. 

Professionals like Ashley, a cloud security specialist at Deployflow, play a pivotal role in ensuring the safety and compliance of clients’ systems. Ashley brings a wealth of experience integrating security safeguards into cloud strategies and architecture and a passion for innovative solutions. In this interview, he shares insights into his journey at Deployflow, the challenges he has faced, and reflects on the Deployflow’s approach to accelerating cloud security for organisations worldwide. 

The Journey to Deployflow

After working for a company that managed many local businesses, Ashley sought a bigger challenge involving much larger enterprises. Deployflow offered this opportunity with a diverse global clientele across various industries.

Although I have only been with the company for seven months, my role has significantly helped me develop certain skill sets. I’ve improved my time management, become proficient at handling customer-facing tasks, and enhanced my patience for troubleshooting issues such as printer problems,” said Ashley.

Impactful Projects and Future Aspirations

Ashley has had the opportunity to gain many notable experiences and work on a number of projects that have had a profound impact on his career at Deployflow. He singled out two most challenging ones.

Two notable projects come to mind: establishing our customers’ MDM (Mobile Device Management) infrastructure and configuring policies to meet CIS security requirements and compliance standards. These initiatives have been crucial in ensuring a secure environment for company data.

Ashley says that his goal in the company moving forward is to transition into a more DevOps or DevSecOps role.

I have a strong interest in coding and have been applying my skills to automate tasks. Additionally, I am very interested in AI, using tools like ChatGPT to extend my knowledge and improve my work efficiency,” explains Ashley.

Expert Insights on Cloud Security

Ashley highlights some of the latest threats in cloud security that organisations should be aware of.

Identity remains a significant threat, with various vulnerabilities to address. An emerging danger is the pass-the-cookie attack, where session cookies are hijacked. These cookies, used by many companies including Microsoft, store session data and can be exploited for unauthorised access. Although MFA is still useful, it’s no longer as strong as we once thought. Passkeys are now promoted as the most robust form of MFA, with Microsoft making them more user-friendly by allowing storage in the Microsoft Authenticator app.

He also distinguishes best practices for organisations to enhance their cloud security resilience.

He says that organisations can improve their cloud security by:

  • Ensuring MFA is used by all staff despite its limitations. It’s better than using SMS codes, email codes, or phone calls, which CIS standards suggest disabling.
  • Regularly checking compliance policies to enhance security.
  • Providing ongoing security training for staff, preparing them to recognise and handle security threats on time.

Ashley also explores the latest trends in cloud security that organisations should watch for in the next 2-3 years.

He said that the two key trends that will impact cloud security in the next few years include:

  • Zero Trust Security Model — Based on three pillars, verify explicitly, use least privileged access, and assume breach. This model is likely to become standard practice.
  • Modern Network Access Solutions — VPNs may be replaced by technologies like Microsoft Global Secure Access and Twingate, which offer enhanced security and conditional access policies.

How are AI and Machine Learning Advancements Influencing Cloud Security Practices?

Ashley explains that AI and machine learning significantly impact cloud security by enabling systems to respond, predict, and detect threats more quickly and accurately than humans.

Tools like Microsoft Sentinel and DarkTrace utilise advanced machine learning to learn safe behaviors, identify threats, and improve overall security.

He also explains that an increasing number of organisations leverage multi-cloud environments to improve security resilience

Companies use multi-cloud environments to enhance redundancy, availability, and risk management. By housing data with more than one vendor, they can benefit from diverse security protocols and reduce dependency on a single provider,” says Ashley.

How Deployflow Helps Companies Accelerate Their Cloud Resilience

According to Ashley, Deployflow differentiates itself by not treating security and policies as a one-size-fits-all solution.

We work closely with businesses to tailor security baselines that suit their specific needs. We also explore new technologies to assess their value to our operations and, more importantly, to our customers.”

Deployflow team of cloud professionals has extensive experience helping organisations build cloud resilience.

We provide integrated backup and recovery solutions with Recoverable, ensuring data integrity and availability. We also help organisations stay current with IT and security trends, securing identities and data using the best methods available.

Through his work at Deployflow, Ashley continues to push the boundaries of cloud security, ensuring clients meet compliance standards and stay ahead of emerging threats. His dedication to continuous learning and adapting to new technologies is a testament to his commitment to excellence in this critical field.

– 

Connect with Ashley Delph to learn about how we can help you deliver high-quality cloud solutions with embedded robustness and resilience. 

To learn more about how Deployflow helps companies accelerate resilience in the cloud, explore our cloud security services or read Beyond cloud transformation: When security and sustainability are paramount

Read 10 things to know about Recoverable to learn more about how we can help you back up your data and ensure that it is secure and accessible. 


Share

maya.budinski

Published on July 11, 2024