Security has become a top-of-mind concern for those enterprises seeking to invest in cloud technologies. However, the security challenges posed by implementing cloud services for your company should be weighed against the security risk posed by not using them. In a recent report by Frost and Sullivan, 80% of those surveyed admitted to using applications and cloud services not approved or managed by corporate IT departments. One can imagine that the list of applications likely includes Box, Dropbox and Gmail. Companies should not dismiss or ignore the security threat of this behavior, which is unlikely to diminish without an acceptable substitute.
Too often companies can fall into the trap of building an IT system for nefarious employees, one that is designed to protect company data from the most disgruntled and spiteful users. This can lead to excessively complex security environments and unfriendly user experiences.
The reality is that employees are generally good and want to be productive. They seek cloud services because it lightens their workload and increases their flexibility. When someone emails a work file to their personal Gmail account, it’s often to work on it from home or from an unapproved device. The key phrase here: “To work on it.” These employees are just trying to do their job. Does this mean that as an IT Administrator, you should throw caution to the wind and enable just any cloud service for your employees? Of course not. It does however lead me to suggest the following:
- Assume employees want to be productive → Understand how your employees like to work and make it a reality
- Don’t manage to the exception → Focus on enabling your productive users to drive even more value to your organization
- Walk in your users’ shoes → Consider User (read: employee) Experience when designing your employee digital workspace
- Consult with your users → Identify which applications are currently being used, both approved and unapproved, and which ones they’d like to incorporate into their workstream
- Reconsider your options → Compare the security of your current environment, given your findings in step 4, with the security offered in a similar cloud solution. Don’t forget to factor in user experience, user satisfaction, overhead costs and productivity.
As we navigate through a new era in computing and technology, one that is characterized by anytime, anywhere access and centered around users instead their devices, it is likely that more and more Enterprises will find themselves coming to the same conclusion we have: That the risk of NOT having a cloud service may outweigh the risk of having one.