HR Security Risk Prevention…

HR Security Risk Prevention…

With the rapid adoption of the Cloud by SMEs as well as large enterprises, it has become vital to review and update HR policies to mitigate information security threats that come with this paradigm shift. Cloud systems differ from traditional, in-house IT infrastructure in a way that businesses now have less control over their software while handing over most of the control to third party Cloud service providers. For example, it is hard to keep track of your employee’s browser history if he or she is connected to a virtualized environment inside the Cloud. Your business data is more vulnerable in the hands of an employee using Cloud since the chances of involuntary information spill are greater in Cloud environments.

For companies moving to the Cloud or those who have already made the transition, it is important that not only their CIOs sit sit down and review the IT staff policies to adequately cover the company against any risks of employee using company information for illegitimate purposes. CIOs may make the policies but when it comes to enforcing anything on employees, HR has to be involved so it’s better to involve them early on instead of handing them down a plethora of information security policy for theCloud.

To start with, companies should enforce technology based restriction on Cloud on what an employee can and cannot do vis-à-vis Cloud apps. Of course, you have to make sure that the Cloud solution provider conforms to your information security requirements on Cloud apps. For example, employees should not be allowed to send emails to their private accounts using Cloud without prior permission. HR staff also needs to include the Cloud related policy decisions in employee’s handbook.

For example:

  • Whether an employee can use public Cloud storage solutions like DropBox at work and more importantly, does the company allow information to be put into public Cloud storage services?
  • Can an employee use personal handheld devices like smartphone/tablet at/for work?
  • Can an employee be allowed to send emails to private accounts to facilitate his/her work outside the office environment? If so, should that email be CC’ed to some else as well?
  • Does the policy handbook covers in detail the use of internet, email and other IT transactions from work and can they be monitored?

HR policy should clearly mention what comes under the definition of ‘company information’ and ‘company property’. IT policy also needs to be updated periodically because with the plethora of new possibilities which the Cloud brings for businesses, it also leaves loopholes in company’s information security policy.

By Salam UI Haq

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!
FacebookTwitterLinkedInGoogle+Share

Sorry, comments are closed for this post.

Join Our Newsletter

Receive updates each week on news, tips, events, comics and much more...

Advertising Programs

Click To Find Out!

Sponsored Posts

Sponsored Posts

CloudTweaks has enjoyed a great relationship with many businesses, influencers and readers over the years, and it is one that we are interested in continuing. When we meet up with prospective clients, our intent is to establish a more solid relationship in which our clients invest in a campaign that consists of a number of

Popular

Top Viral Impact

BYOD Will Continue To Define Workplaces In 2014

BYOD Will Continue To Define Workplaces In 2014

BYOD Will Continue To Define Workplaces In 2014 The bring-your-own-device trend has been the subject of scrutiny ever since its initial formation. Given how quickly personal smartphones and tablets became a fixture in everyday life, it makes perfect sense that these mobile machines would slip into workplaces. While BYOD has caused headaches for many businesses,

Cloud Infographic: The Education Of Tomorrow

Cloud Infographic: The Education Of Tomorrow

Cloud Infographic: The Education Of Tomorrow  Online Education is a very exciting topic for many as it opens up many new doors and opportunities. We’ve touched on areas such as Massive Open Online Sources (MOOC) which provides tremendous levels of cloud based interconnectivity. We’ve taken a look into higher education,  the increased demand for online courses as well as

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter The city of the future is impeccably documented. Sensors are used to measure air quality, traffic patterns, and crowd movement. Emerging neighborhoods are quickly recognized, public safety threats are found via social networks, and emergencies are dealt with quicklier. Crowdsourcing reduces commuting times, provides people with better transportation

Can I Contribute To CloudTweaks?

Yes, much of our focus in 2015 will be on working with other influencers in a collaborative manner. If you're a technology influencer looking to collaborate long term with CloudTweaks – a globally recognized leader in cloud computing information – drop us an email with “tech influencer” in the subject line.

Please review the guidelines before applying.

Whitepapers

Top Research Assets

HP OpenStack® Technology Breaking the Enterprise Barrier

HP OpenStack® Technology Breaking the Enterprise Barrier

Explore how cloud computing is a solution to the problems facing data centers today and highlights the cutting-edge technology (including OpenStack cloud computing) that HP is bringing to the current stage. If you are a CTO, data center administrator, systems architect, or an IT professional looking for an enterprise-grade, hybrid delivery cloud computing solution that’s open,

Public Cloud Flexibility, Private Cloud Security

Public Cloud Flexibility, Private Cloud Security

Public Cloud Flexibility, Private Cloud Security Cloud applications are a priority for every business – the technology is flexible, easy-to-use, and offers compelling economic benefits to the enterprise. The challenge is that cloud applications increase the potential for corporate data to leak, raising compliance and security concerns for IT. A primary security concern facing organizations moving