From On‑Prem to Cloud Apps: You’re Still Responsible for Security

Moved your ticketing and tracking system to the cloud? Great. But even when the provider secures the infrastructure, you still own your data, authentication, and access. Here’s how we locked down our cloud app with Entra ID, Conditional Access, and geo‑based policies — and how we can help your Perth business do the same.

Garry BloomGarry Bloom · Founder & Senior IT Manager
1 May 2026
5 min read
cloud security
Microsoft Entra ID
Conditional Access
geo‑location access control
cloud migration
AI‑driven apps
ticketing system
Perth IT support
small business IT
managed services

More and more businesses are discovering how AI‑driven applications can streamline workflows, automate repetitive tasks, and create a real impact on productivity. At IT Support Perth, we’ve seen firsthand how cloud‑based ticketing and tracking systems can replace clunky on‑prem tools and make day‑to‑day operations smoother.

But there’s one question we always ask: “Have you really thought about security once the app moves to the cloud?”

The Illusion of “They Secured It For You”

When you migrate from an on‑prem system to a cloud‑based ticketing and tracking platform, it’s easy to assume that the provider handles everything. After all, they’re managing the servers, networks, and physical infrastructure.

In reality, you remain responsible for your data, identities, and access controls.

  • Who can log in?

  • From where?

  • Under what conditions?

Even the most secure cloud provider can’t protect you from weak passwords, shared credentials, guest access, or unapproved international logins. That responsibility sits squarely with your business.

How We Secured Our Own Cloud App

To give you a real‑world example, let’s talk about our own migration.

Our previous on‑prem ticketing and tracking system was slow, hard to scale, and limited to our local office. We wanted:

  • Faster access.

  • Better reporting.

  • Easier integration with Microsoft 365 tools.

We moved to a cloud‑based ticketing and tracking system that fits our needs — but we didn’t stop there.

We took three key steps to secure it properly:

1. Entra ID Integration
Instead of managing separate usernames and passwords, we connected our cloud app to Microsoft Entra ID (Azure AD). Every team member now logs in with a single identity tied to our organisation, so:

  • User lifecycle is managed in one place.

  • Access can be revoked instantly when someone leaves.

  • We get consistent MFA and conditional access rules across all apps.

2. Conditional Access Policies
We added Conditional Access policies so that:

  • Login only happens from approved devices.

  • Multi‑factor authentication (MFA) is enforced for critical actions.

  • Risky sign‑in attempts are blocked automatically.

This means we don’t just rely on “who knows the password” — we also check how and where they’re connecting from.

3. Geo‑Location / GPS‑Style Restrictions
Even though our vendors host the application in the cloud, the data is ours. To reduce risk, we set up geo‑location rules so that no one overseas can connect to the application.

This is like adding a GPS‑style policy: if the user’s IP location is outside our approved region, the sign‑in is blocked. That closes a big gap many businesses overlook when they assume “cloud = secure by default.”

Why This Matters for Your Business

If your company is:

  • Using a cloud‑based ticketing, CRM, or project‑tracking system.

  • Thinking about AI‑driven apps or automation tools.

  • Worried about data leaks or unauthorised international access.

… then you’re in a very similar position.

You’ve chosen the cloud for flexibility and cost.
You’ve chosen AI‑driven apps for speed and impact.
But the security layer around your users, identities, and access is still yours to design and manage.

How We Can Help You “Tighten It Up”

At IT Support Perth, we help SMBs under 50 seats:

  • Review and secure your cloud‑based apps and ticketing systems.

  • Integrate them with Entra ID so you have one identity source.

  • Set up Conditional Access and geo‑based policies so only the right people can connect — from the right locations.

  • Provide ongoing monitoring and adjustments as your team grows.

If this sounds like your current company scenario, we’re ready to help you tighten up your security and make sure your cloud‑hosted apps and AI‑driven tools are as secure as they are powerful.

Garry Bloom
Written by
Garry Bloom
Founder & Senior IT Manager · 25+ years in IT

Garry founded Computer Mechanics — the business behind IT Support Perth — in 1997. With more than 25 years in IT management and support across internal and external service environments, he leads the team's technical direction and its cybersecurity and managed-IT strategy for Perth businesses.

Meet the IT Support Perth team →
Garry Bloom
1 May 2026
5 min read
cloud security
Microsoft Entra ID
Conditional Access
geo‑location access control
cloud migration
AI‑driven apps
ticketing system
Perth IT support
small business IT
managed services

Stay Updated with IT Insights

Get the latest cybersecurity tips and technology insights delivered to your inbox

Related Articles

4 IT Gaps Small Businesses Overlook (and How to Close Them)

Most Perth businesses aren't undone by one huge disaster — it's the small IT gaps that stack up: missing MFA, delayed patching, old access nobody removed, and untested backups. Here's how teams under 50 users can close them. From Computer Mechanics, Perth IT specialists since 1997.

5 min read

How to Safely Offboard an Employee (and Protect Your Company Data)

When a staff member leaves, their access is a security risk until it's properly closed off. A practical Perth-business checklist for offboarding an employee without losing data or leaving a door open. From Computer Mechanics, Perth IT specialists since 1997.

5 min read

5 Signs Your Business Has Outgrown Your Current IT Guy

One trusted 'IT guy' works — until it doesn't. Here are five clear signs a Perth business has outgrown break-fix IT and needs a proper managed IT team. From Computer Mechanics, Perth IT specialists since 1997.

5 min read

Need Expert IT Support?

Get personalized advice from our Perth IT experts. Free consultation available.

Related Content

Continue Reading

Explore more insights and expert advice on IT support, cybersecurity, and digital transformation

Your Messages Are "Encrypted" — But the FBI Just Read Them Anyway. Here's What Every Perth Business Needs to Know.
CyberSecurity
ITSupportPerth

Your Messages Are "Encrypted" — But the FBI Just Read Them Anyway. Here's What Every Perth Business Needs to Know.

Most small business owners believe end-to-end encryption means their messages are completely private. A recent FBI case proves that assumption is dangerously incomplete.

5 min read
4/15/2026
What’s new in SMB1001:2026?
SMB1001
SMB10012026

What’s new in SMB1001:2026?

SMB1001:2026 updates for Perth SMBs: Mandatory DMARC from Silver tier, 5 maturity levels, Essential Eight alignment. Get certified, cut insurance costs, win tenders—start your roadmap today!

5 min read
2/25/2026
Microsoft Secure Score: a simple way to improve Microsoft 365 security
Microsoft Secure Score
Microsoft 365 Security

Microsoft Secure Score: a simple way to improve Microsoft 365 security

Microsoft Secure Score helps Perth SMBs measure Microsoft 365 security and fix high-impact issues like MFA, conditional access, and email protection.

5 min read
5/6/2026