The cloud, modern companies can no longer do without it. It is a very important part of a good IT strategy. But what exactly does that mean? What influence does working in the cloud have on your company. What trends do experts expect for 2025. And what challenges do they see? We looked into it for you during Cloud Expo 2024. At this trade fair, ITkothon told us more about working smarter with Teams Phone Mobile. But what else is going on in the cloud world? We will tell you about it based on the 3 themes that were most discussed at the trade fair: security, AI and NIS2.
Theme 1: security.
One of the main themes at Cloud Expo 2024 was cybersecurity . Passwords, single sign-on, and identity and device management were discussed.
Be smart with your passwords.
The average person has 255 different accounts, both private and business. All with their own password. 60 percent of people reuse passwords on more than 1 account. Just over half of these people, around 51 percent, do not use exactly the same password, but do have the same system everywhere. Mark Troyer, VP Global Solutions Consulting at LastPass, gives an example.
Mark: ‘There are people who love The Beatles and therefore choose the title of a famous Beatles song as a password phrase. Turn Me On Dead Man for example. Then they put #9 or another consecutive number behind it, and the name of the website that the password is for. That’s how you get passwords like TurnMeOnDeadMan#9Amazon for your Amazon account and TurnMeOnDeadMan#10Google for Google.’
‘Nice, long passwords’, says Mark. ‘But it also means that if someone knows 1 password, for example through a data leak, it is very easy for that person to gain access to other accounts. Hackers no longer have to hack and get in through the back door, because they have the key to the front door. And they are also less likely to be discovered.’
As an IT manager, it is smart to set rules for passwords . Such as how many characters and special characters a password should consist of. And make sure your employees change their passwords regularly. Or that they use two-factor authentication.
The challenges of single sign-on.
Another topic that Mark addresses is single sign-on. This is a secure way to ensure that someone only has to log in once to access an entire ecosystem of apps. For example, this can be done with a Microsoft account. The challenge for IT is that not all apps are available in this ecosystem. For example, you won’t find social media apps there. This means that different colleagues need to have the login details for these apps. A solution for this is the use of a password vault. This allows you to share passwords securely within your company. Also useful to know: all major browsers, such as Chrome, Firefox and Edge, now all have such a password vault. And Apple has also introduced a cross-platform password vault in the recently released iOS18, which also works with Windows devices via a browser plugin.
Ensure good identity and device management policies are in place.
Working from home is and will remain popular. 68 percent of all employees work hybrid. Identity management is becoming increasingly important. By this we mean that as an IT manager you know exactly which colleagues have which rights. People are often given far too many rights within companies. Or the rights are not revoked when someone leaves a company. Damian Derby and Arash Kamardi from Software One give a tip: ‘Ensure a good platform strategy. Create your own ecosystem of suppliers and integrations so that you have a high-quality solution with a lot of user-friendliness. You can give someone access to it in one go, or revoke it quickly.’ In addition, smart device management is very important. As an IT manager, you ensure that your employees’ phones and other devices are always up-to-date and well-secured, everywhere.
Theme 2: AI.
Artificial intelligence, or AI , we use it more and more. That offers many opportunities, but also brings challenges. The trend? Copilot, Microsoft’s smart AI assistant. The challenge? AI phishing.
Let Copilot help you.
During their talk, Liesbeth Kollmann from Also and Rene van der Vlugt from Adoptify will explain what the smart AI assistant Microsoft Copilot can mean for companies. ‘What people often don’t know is that they train the OpenAI model with all the input they put into ChatGPT’, say Liesbeth and Rene. ‘If you choose Copilot, it is built into Microsoft 365, which also takes over your entire compliance. That is valuable for the customer, the employee and the company.’ Besides being safe, Copilot is also very useful. For example, it can make a summary of meetings or emails for you or draw up a list of action points. Exactly what you need.
AI Phishing: Don’t Fall for It
IT leaders expect phishing to only increase through 2025. It is a very effective way to attack, which is becoming increasingly easier with the advent of AI . Because with the help of AI, phishing emails and sites contain fewer (translation) errors. In the past 6 months, 91 percent of companies have experienced an AI cyberattack. David Lomax, Solutions Engineering Manager EMA at Abnormal, states that AI is changing the cybersecurity landscape enormously. He explains: ‘96.6 percent of security professionals see that traditional defense mechanisms do not work on the new threat that now exists. An email comes in, it is picked up and checked to see if there is anything strange about it. Then it is blocked.’
‘But those systems don’t check whether I normally receive emails from this person,’ he continues. ‘People with bad intentions send a personalized email with generative AI to stand out to a user. And once they’ve got a bite, they send an email about an invoice that is still open and needs to be paid quickly, for example. Compiled by a chatbot. Ask AI ‘write an email that moves people to click on a link’ and the AI gets to work for you.’
A big challenge, but one that can be solved. Provide more context for emails and use internal data sources to see more quickly whether something was written by a human or by AI . For example, by using AI against AI. And by training your employees well.
Theme 3: NIS2.
NIS2 is coming, get ready.
A third major trend that will play a role in IT next year is NIS2, the new law that means, among other things, that high-ranking people in a company will be held responsible for security. Not that they have to do it themselves, but they do have to know a lot about it.
Erik-Jan Frieser from the startup Frieser & Schuckmann is walking around the trade fair floor. With his company, he wants to bring the security knowledge that large companies have to the SME-Plus market. He says the following about NIS2: ‘For cloud and security, you don’t see a direct return on investment for small companies. People need to start seeing it more as insurance: it costs a lot of money, until you hit a tree. We also see that we have ended up in a kind of hybrid war, in which many companies do all sorts of things in the cloud, but don’t really know what the exact situation is. Isn’t the back door open, or – perhaps even worse -: the front door?’
‘I think security should be assigned to a separate person’, he continues. ‘1 person who is responsible for access management. But it is also important that business owners are well informed. Think of it as being the owner of a house: you have to know whether the lock on the door is good or not. You want to know that if you put the key in the lock and keep turning, 3 or 10 hooks will close. You will soon be liable and you really have to know what security measures have been taken. Saying: ‘the door opens and closes and Henk takes care of the rest’ will no longer be possible. Security is not an IT party. More. Seek cooperation between different departments. Then it will be more fun and safer for everyone.’
