Better data security doesn’t always come down to having the latest and greatest in technology. While new gadgets and tools can be a big help, there may need to be a shift in internal policies for companies to truly improve how they protect sensitive information.
As an example of an area that needs to change, a recent survey by Nasuni found that cloud computing services are being autonomously used in organizations not only by low and mid-level employees, but by top level executives as well. In fact, the report found those who are most likely to use cloud services like Dropbox are vice presidents and directors of companies. The problem with this is that there is no one to reprimand the executives when they use shadow IT tools due to the power they have. This in concert with the amount of sensitive information they have access to makes for a collision course toward a nasty security breach.
“The problem likely won’t go away anytime soon, as it is being fueled by mobile technology,” Joe McKendrick wrote in related commentary for ZDNet. “About 58 percent of respondents with a personal mobile device say they resort to using their own device to access work files because the company does not provide the tools they require. Dropbox usage is prevalent in the mobile world as well; after email, it is the most common tool used for accessing work files on a mobile device.”
This is something companies must get a grasp on sooner or later, as the amount of new devices employees have brought in after the holiday season will likely lead to much more unauthorized use of cloud and other so-called “shadow IT” services that are not approved for use by the company. Nasuni said for higher-level executives, it may be best to work not so much with enforcement and governance but more with training and education. This can help teach these workers why what they are doing can be harmful to the company and make them think before they click.
Cloud will disrupt technology in the new year
Not every company will have the opportunity to plan for better use of data security in cloud computing, as Network World reports that The Security for Business Innovation Council has called cloud computing security tools the most disruptive force in 2013. This is where things may have to change, as the SBIC said middle management does not want to use their budget on security measures, but having data security tools, training and policies in place is a must if an organization wants to avoid the downside of this technology.
For the new year, the website suggests security teams should be working to build relationships with middle managers in order to have better security across the company.
Cloud Security News from SimplySecurity.com by Trend Micro.