Securing cloud content: are your policies restricting innovation?
byOfunne08-23-201210:07 AM - edited 08-23-201211:35 AM
By: Abhay Rajaram, VP of Customer Success
On Tuesday, August 21st, I gave a presentation at the C10 100 conference: Securing cloud content: are your policies restricting innovation?
Below is a recap of the presentation along with my slides.
It’s obvious that the cloud is now mainstream when it comes to pure services that improve productivity and bring down costs. However, as your users continue to leverage the cloud to drive innovation in their core businesses, we find an increasing amount of content being stored and transported via the cloud. This growing trend introduces an interesting challenge to CIOs – cloud security.
A review of recent headlines brings the issue to the forefront – security breaches and data leaks make you wonder whether cloud security is an oxymoron! IBM, for example, recently announced that it was completely blocking Dropbox as well as requiring all iOS devices to be disconnected from iCloud. Instead, IBM has built a custom solution to enable mobile access to content for its users.
Not every company has the luxury of building a custom solution. Even if the resources are available, how many times have we heard about in-house solutions that ‘get the job done’ but are ‘not all that easy for users’? The reality of today’s world is that users have access to highly sophisticated tools and solutions via the Internet. And if IT does not provide solutions that ‘delight’ them, the users are going to bring these tools into the enterprise. The consumerization of IT is real and growing.
The key challenge facing us today is this – How do we achieve a fine balance between driving productivity via the cloud and managing the potential security risks? What makes it even more interesting is that the content collaboration and file sharing market landscape is evolving in real time – BYOD, mobility, and enterprise social are examples of growing trends that are directly related to this evolution. And then there’s email! As much as we love to hate email, it continues to be the most popular technology for collaborating beyond your corporate boundaries.
Here’s the good news – You’re not alone. YouSendIt continues to partner with a variety of CIOs from around the world as we navigate through these exciting and often challenging times. As a first step, consider this simple three-step framework:
1. Educate: Have a clear policy on what content can and can NOT exist in the cloud. Then go all out to raise the awareness on this policy and explain the potential risks that your company faces. You’ll be surprised to see how valuable this seemingly simple process can be.
2. Empower: Take the time to truly understand what your business users need (not what they WANT, but what they NEED). Then empower them with a solution that delights them. You’ll find that this culture of Educate+Empower will build a circle of trust between the user community and the IT leadership.
3. Audit and Monitor: In the spirit of ‘trust and verify’, you should plan to audit actively, manage proactively, and refine reactively. More often than not, you’ll find that this will get you into a virtuous cycle of constant improvement.
In closing, remember these key questions that you want to address as you evaluate your options for content collaboration and the cloud:
- What content belongs in the cloud? What doesn’t?
- What are the core business needs for content sharing?
- Are the users being educated on security risks?
- Can vendors be held accountable for security?
- What is the plan for regular auditing and management?
Cloud-based content collaboration and file sharing has the potential to drive exponential growth in user productivity in today’s world of mobility. And with the right solution in place, you can rest assured that security is an integral component of this evolution.