HR Security Risk Prevention…

HR Security Risk Prevention…

With the rapid adoption of the Cloud by SMEs as well as large enterprises, it has become vital to review and update HR policies to mitigate information security threats that come with this paradigm shift. Cloud systems differ from traditional, in-house IT infrastructure in a way that businesses now have less control over their software while handing over most of the control to third party Cloud service providers. For example, it is hard to keep track of your employee’s browser history if he or she is connected to a virtualized environment inside the Cloud. Your business data is more vulnerable in the hands of an employee using Cloud since the chances of involuntary information spill are greater in Cloud environments.

For companies moving to the Cloud or those who have already made the transition, it is important that not only their CIOs sit sit down and review the IT staff policies to adequately cover the company against any risks of employee using company information for illegitimate purposes. CIOs may make the policies but when it comes to enforcing anything on employees, HR has to be involved so it’s better to involve them early on instead of handing them down a plethora of information security policy for theCloud.

To start with, companies should enforce technology based restriction on Cloud on what an employee can and cannot do vis-à-vis Cloud apps. Of course, you have to make sure that the Cloud solution provider conforms to your information security requirements on Cloud apps. For example, employees should not be allowed to send emails to their private accounts using Cloud without prior permission. HR staff also needs to include the Cloud related policy decisions in employee’s handbook.

For example:

  • Whether an employee can use public Cloud storage solutions like DropBox at work and more importantly, does the company allow information to be put into public Cloud storage services?
  • Can an employee use personal handheld devices like smartphone/tablet at/for work?
  • Can an employee be allowed to send emails to private accounts to facilitate his/her work outside the office environment? If so, should that email be CC’ed to some else as well?
  • Does the policy handbook covers in detail the use of internet, email and other IT transactions from work and can they be monitored?

HR policy should clearly mention what comes under the definition of ‘company information’ and ‘company property’. IT policy also needs to be updated periodically because with the plethora of new possibilities which the Cloud brings for businesses, it also leaves loopholes in company’s information security policy.

By Salam UI Haq

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Insider Threats and Sensitive Data in the Cloud

Insider Threats and Sensitive Data in the Cloud

The Age of Sensitive Data in the Cloud A recent survey report conducted by the Cloud Security Alliance (CSA) revealed that cloud security had reached a tipping point: 64.9% of respondents (which included IT security professionals from enterprises across all industries and regions) believed that the cloud was as secure or more secure than their…

The True Power And Potential Of Wearables

The True Power And Potential Of Wearables

The Power of Wearables The potential of wearable computing for efficiency and innovation is enormous. For business leaders and CIOs, wearable technology represents an opportunity to find more intelligent solutions to real problems and to leverage these devices for the benefit of the organization. But before wearables can successfully realize these expectations, there remain basic…

Drones: Unlimited Possibilities Await Us – Good And Bad

Drones: Unlimited Possibilities Await Us – Good And Bad

Drones: Unlimited Possibilities I have written two recent posts here on CloudTweaks about drones. The first, ‘The Pizza Delivery Drone’, was a somewhat comical look at what possibly is to come with future drones. The second was a look at the more immediately possible concept of a modular drone.  Modular drones are capable of supporting…

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises The surface costs might give you pause, but the cost of diminishing your differentiators is far greater. Will a shift to the cloud save you money? Potential savings are historically the main business driver cited when companies move to the cloud, but it shouldn’t be viewed as a cost-saving exercise. There…

Simple And Recommended SaaS Security Tips

Simple And Recommended SaaS Security Tips

SaaS Security Tips Most people and companies are now using a significant amount of SaaS solutions. Companies are running sales support software, they are file sharing, collaborating and using e-mail programs and a lot more in the cloud. However, that usage also leads to concerns about the security of those solutions. How safe are they? What…

New Smartphones From Apple, Samsung and HTC Promise To Light Up 2016

New Smartphones From Apple, Samsung and HTC Promise To Light Up 2016

New Smartphones from Apple, Samsung and HTC (Sponsored post courtesy of Verizon Wireless) The launch of the Galaxy S7 Edge at the Mobile World Congress in Barcelona during February was the first shot in a vintage year for mobile phones. The S7 is an incredible piece of hardware, but launches from HTC and Apple later in the…

Featured Sponsored Articles
How Successful Businesses Ensure Quality Team Communication

How Successful Businesses Ensure Quality Team Communication

Quality Team Communication  (Sponsored post courtesy of Hubgets) Successful team communication and collaboration are as vital to project and overall business success as the quality of products and services an organization develops. We rely on a host of business tools to ensure appropriate customer interactions, sound product manufacturing, and smooth back-end operations. However, the interpersonal relationships…

Featured Sponsored Articles
How To Develop A Business Continuity Plan Using Internet Performance Management

How To Develop A Business Continuity Plan Using Internet Performance Management

Internet Performance Management Planning CDN Performance Series Provided By Dyn In our previous post, we laid out the problems of business continuity and Internet Performance Management in today’s online environment.  In this article, we will take a look at some of the ways you can use traffic steering capabilities to execute business continuity planning and…

Featured Sponsored Articles

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor