Speed, visibility, and culture: The cloud security story behind ELMO Software

You can’t secure what you can’t see

“When we talk about this shared responsibility model it is very important for us to know what we have on the cloud,” Naik said. “We cannot secure what we cannot see.”

With visibility proving critical to robust cloud security, ELMO relies on a cloud-native application protection platform (CNAPP), which enables Naik’s team to scan infrastructure as code. This ensures security is built into ELMO’s platform from the ground up, with security provided throughout the development pipeline in a true implementation of ‘shift left’ development principles.

“Security is part of the architecture and does not just come in the deployment phase,” Naik said.

Encryption is another core pillar of the cloud security strategy, with all data secured both at rest and in transit.

“Data sovereignty is also very important for us, because we cater to ANZ customers mainly, and hold data which is highly regulated,” he said. “Where the data resides and who accesses that data matters to us, so we need to have proper viability of the data and its flow.”

Inside ELMO’s cloud security tech stack

With these needs in mind, ELMO’s cloud security stack includes Trend Micro’s Vision One platform to deliver requirements for visibility, with posture management delivered through Trend Conformity, and log management via Elastic Agent.

“From a security point of view, it is important to keep an eye on the logs, because it is important to triage and analyse if there is any breach or incident,” Naik said.

Trend Micro also provides extended detection and response (XDR) and anti-malware capabilities, supporting a broader shift towards identity-centric security.

“Altogether, this helps us to identify the user behaviour,” Naik said. 

Why tool integration and synergy matter

While these tools are central to ELMO’s approach, Naik emphasised that integration is just as important as capability.

“The most important thing is synergy,” Naik said. “If different tools don’t talk to each other and don’t integrate, then that creates, and it is hard for the technicians to manage them.

To address this, ELMO is evaluating a SIEM platform capable of ingesting logs from multiple vendors and presenting a unified view.

“That will mean that we don’t have to hop into different tabs and browsers to monitor alerts and notifications,” he said.

Looking ahead, Naik said automation would play a greater role in ELMO’s cloud security posture, possibly through implementation of SOAR (security orchestration, automation, and response) to complement the SIEM capabilities.

The future and building a cyber resilience culture

“The future is not just about identification and prevention. It is about the response capabilities and automation plays a very important role,” Naik said. “The biggest challenge for the future is speed. We want to keep an element of ‘human in the loop’ to validate, but the pace of manual changes means I don’t think that purely manual effort is going to be fruitful anymore.”

While the tools proved critical, Naik said it was equally important that ‘visibility’ included team members across the organisation, such that everyone had an understanding of the part they played in making shared responsibility effective.

“It is more about culture for me than the technology going forward,” Naik said. “If you do not have a cyber resilience culture where people know that they are also responsible and take ownership of security then most strategies fail, because people are working against your strategy.”