The Security of Cloud Services and SaaS, Part 2

In Part 2 of this series, let’s take a look at the Technology Secured at Scale of cloud computing and the security benefits of centralised SaaS computing.

Daniel Ayala will be posting articles about information security, privacy and compliance in our blog. Throughout his 25 year career, he has led security and privacy organisations in banking and financial services, pharmaceutical, information, higher education, research and library organisations around the world, and both writes and speaks regularly on the topics of security, privacy, data ethics, and compliance. He also happens to be LabArchives Chief Information Security Officer!

Part 2: Technology Secured at Scale

Greetings LabArchives Reader,

Security & Monitoring

There’s a significant benefit to having a single entry point into your network; you can see all the traffic going in and out. One can detect attacks and respond quickly to what is identified as malicious. Coupled with information sharing amongst companies about the types of attacks that each saw and the use of automated blocking tools, this model served us well from a security perspective for nearly 30 years.

With the entrance of the most widely-used enterprise SaaS systems such as Office 365, Google Workspaces, ServiceNow and Workdays, the gravitational centre of the enterprise began its shift out of the local data centre. Layer on a more mobile workforce, working from laptops, phones and tablets, and the expectation that a device would be visible to the internal corporate or university network could no longer be guaranteed, and with it went the ability to have a single security visibility point or choke point. Google chronicled this new operational model as BeyondCorp, and a monumental change in securing applications, data and devices began.

With this shift away from the central, internal network, a new aggregation point for security intelligence arose: the cloud service provider. According to a recent Canalys research report, the three top cloud hosting providers, AWS (32%), Microsoft Azure (19%), and Google Cloud (7%), now account for well over half of all cloud hosting globally. This trend means that there is a new aggregation point for monitoring and intelligence on attacks. It is a view more comprehensive than any one enterprise reconnaissance or threat intelligence efforts could achieve.

The benefit of scale and gravity also extends to security research and development and staff expertise. Major cloud providers have an incentive to build secure infrastructure and keep it secure as that is the whole of their business. Investments in new security techniques and technologies are core for them. They can often invest more significant amounts and make more progress on securing their environments because it is their business; contrast this with the sometimes-held idea that security is a cost for organisations rather than an investment, enabler, or even a competitive advantage.

Also, when security innovations are added into these cloud services, they can be quickly adopted by all the many applications built upon that cloud provider’s offering, thus improving the overall security of the Internet without cost to or requiring significant effort by the hosted organisations themselves. The most basic premise that continuous improvement in security by major hosting services and the following quick adoption by cloud SaaS companies is a hallmark of the essential security benefit that comes with cloud services.

Latest Blog Posts

Microsoft OneDrive is a convenient tool for storing and sharing documents, but it was never designed to meet the demands of scientific research. Without structured workflows, audit trails, or compliance safeguards, OneDrive falls short as an Electronic Lab Notebook (ELN)—putting reproducibility, collaboration, and compliance at risk.
In research, data security isn’t just an IT responsibility—it’s mission-critical. LabArchives safeguards the world’s most sensitive scientific work with enterprise-grade encryption, immutable audit trails, and global compliance support. Trusted by NIH and 600+ institutions, LabArchives delivers transparency, control, and future-proof compliance so researchers can focus on discovery while IT teams rest assured.
Join LabArchives’ Hannah Clark on Oct 15, 2025 (2–3 PM ET) to master enterprise-only features that drive research data management KPIs. Learn how to enforce data ownership, align permissions with your org chart, govern publishing, strengthen compliance, and standardize workflows. Perfect for site admins, research leaders, and administrators.
As more labs transition to digital research tools, some mistake Microsoft OneNote for a suitable electronic lab notebook (ELN). While flexible and familiar, OneNote lacks the compliance, traceability, and scientific workflows required for secure research documentation. Before adopting a general note-taking app, learn why your lab needs a dedicated ELN designed for science.

Get started with LabArchives today

Start for free and upgrade as your team grows