More and more businesses are discovering how AI‑driven applications can streamline workflows, automate repetitive tasks, and create a real impact on productivity. At IT Support Perth, we’ve seen firsthand how cloud‑based ticketing and tracking systems can replace clunky on‑prem tools and make day‑to‑day operations smoother.
But there’s one question we always ask: “Have you really thought about security once the app moves to the cloud?”
The Illusion of “They Secured It For You”
When you migrate from an on‑prem system to a cloud‑based ticketing and tracking platform, it’s easy to assume that the provider handles everything. After all, they’re managing the servers, networks, and physical infrastructure.
In reality, you remain responsible for your data, identities, and access controls.
Who can log in?
From where?
Under what conditions?
Even the most secure cloud provider can’t protect you from weak passwords, shared credentials, guest access, or unapproved international logins. That responsibility sits squarely with your business.
How We Secured Our Own Cloud App
To give you a real‑world example, let’s talk about our own migration.
Our previous on‑prem ticketing and tracking system was slow, hard to scale, and limited to our local office. We wanted:
Faster access.
Better reporting.
Easier integration with Microsoft 365 tools.
We moved to a cloud‑based ticketing and tracking system that fits our needs — but we didn’t stop there.
We took three key steps to secure it properly:
1. Entra ID Integration
Instead of managing separate usernames and passwords, we connected our cloud app to Microsoft Entra ID (Azure AD). Every team member now logs in with a single identity tied to our organisation, so:
User lifecycle is managed in one place.
Access can be revoked instantly when someone leaves.
We get consistent MFA and conditional access rules across all apps.
2. Conditional Access Policies
We added Conditional Access policies so that:
Login only happens from approved devices.
Multi‑factor authentication (MFA) is enforced for critical actions.
Risky sign‑in attempts are blocked automatically.
This means we don’t just rely on “who knows the password” — we also check how and where they’re connecting from.
3. Geo‑Location / GPS‑Style Restrictions
Even though our vendors host the application in the cloud, the data is ours. To reduce risk, we set up geo‑location rules so that no one overseas can connect to the application.
This is like adding a GPS‑style policy: if the user’s IP location is outside our approved region, the sign‑in is blocked. That closes a big gap many businesses overlook when they assume “cloud = secure by default.”
Why This Matters for Your Business
If your company is:
Using a cloud‑based ticketing, CRM, or project‑tracking system.
Thinking about AI‑driven apps or automation tools.
Worried about data leaks or unauthorised international access.
… then you’re in a very similar position.
You’ve chosen the cloud for flexibility and cost.
You’ve chosen AI‑driven apps for speed and impact.
But the security layer around your users, identities, and access is still yours to design and manage.
How We Can Help You “Tighten It Up”
At IT Support Perth, we help SMBs under 50 seats:
Review and secure your cloud‑based apps and ticketing systems.
Integrate them with Entra ID so you have one identity source.
Set up Conditional Access and geo‑based policies so only the right people can connect — from the right locations.
Provide ongoing monitoring and adjustments as your team grows.
If this sounds like your current company scenario, we’re ready to help you tighten up your security and make sure your cloud‑hosted apps and AI‑driven tools are as secure as they are powerful.



