Nicholas Lee

Is Your Corporate Data Appearing On Personal Clouds?

Corporate Data Appearing On Personal Clouds

Enterprise cloud adoption has led to cloud consumerization, but how safe is any personal cloud?

Remember when you’d join a company and they’d issue a desktop computer and corporate-issued cell phone? And remember all the company’s data was stored in a server on-site at the company? It’s fair to argue that occurred in a different century. Indeed, those days are long gone. We now live in a world of digitalization, mobile computing, and cloud computing proliferation – and that has made more complicated the protection of corporate intellectual property and data.

shutterstock_174380087

(Image Source: Shutterstock)

The proliferation of mobile computing has exploded, bringing about a new order: first laptops were born, then smart phones, iPad, tablets of the likes of Amazon Kindle and Apple iPad, and then Microsoft produced its uber Surface tablet that would be smaller than a laptop and as powerful as a desktop. The “Bring Your Own Device” to work reality brought to corporations a realization that official policies needed to be established by corporate IT and enforced to safeguard corporate intellectual property and data within the enterprise, and indeed, the data infrastructure or plumbing itself.

A two-front defensive war became a major obsession for corporate IT – to guard against the enemy outside the firewall, and fight the enemy within the corporate firewall. Oh, and if that wasn’t enough of a task, corporate IT has had to ensure that while it is engaged in a war to protect corporate intellectual property and data, it must work with employees to define the realm of employee privacy and then take measures to respect employee privacy.

The Do’s And Don’ts 

Official policies of do’s and don’ts for using your own personal mobile computing devices for work have been successfully compiled by corporate IT staffs, and some have even purchased IT security and network monitoring products to help them – and employees — achieve certain strategies of ‘corporate-appropriate’ usage. How does this play out?

A software developer was asked to work on-site at a company, and he was encouraged to use his own laptop and the local Wi-Fi provided by her company. That Wi-Fi network browser was monitored by a tool that issued a set of rules and regulations installed by the corporation’s IT staff – forbidding access to certain web sites. For example, the business-oriented website LinkedIn was ok to visit; the personal dating site Match.com was blocked.

Just when you thought, with the advent of BYOD, that the war to protect corporate intellectual property from outsiders and enemies within had become a mission possible, enter the complexity of cloud computing proliferation – first for the enterprise, and now for the consumer.

StorageClouds are networks of servers connected together in a way that allows centralized data storage and access to various services and resources. The benefit of any type of cloud — be it “public” or “private” — is the potential for the data it stores to be accessed at all times by authorized users. Most enterprises have been comfortable using the cloud, with vendors like Citrix, offering up “application-centric” cloud platform services. With the rise of Box.com, Dropbox, Google Drive, Apple iCloud and others, consumers too are using the cloud in ever greater numbers – even if they don’t exactly know what “the cloud” is. (Infographic Source: http://cirrusfiles.net/)

Whether you’re an enterprise or a consumer, a major assumption exists — that really hasn’t been substantiated — that the cloud itself is secure. There’s a lack of transparency when it comes to corporate IT knowing where their data is stored and if it is safe, so having a corporate policy around cloud-consumption is key to ensure you know where your cloud sits and what level of protection is being afforded.

A survey of nearly 300 IT professionals conducted by Voltage Security indicated that almost half couldn’t say in which countries their data resided, and 30% were completely unaware of data residency laws and requirements.

Data and applications on online clouds are separated so that only authorized users may access certain subsets as appropriate, but what’s clear is that not all clouds are protected equally – against outsiders and even potential enemy within the cloud organization itself.  Performing proper diligence on your cloud-provider and mitigating risk by enabling a secure enterprise cloud will provide corporate users the benefits they seek from a cloud-based service; while safeguarding corporate data – it all comes down to be proactive, and having a corporate approved strategy.

Bottomline: we live in a digital world in which enterprises and individuals are using computing devices and mobile computing devices that produce and distribute digital data to the cloud; and in this world individuals are bringing their own devices to work – and along with it, to some degree, their own clouds.

How transparent should and can cloud providers be when it comes to security or what questions should you be asking today? If companies do their utmost to develop and enforce policies surrounding BYOD, what good is it if the strategy fails to address the cloud itself?

By Nicholas Lee

Nicholas Lee

Nicholas Lee is Head of Global Digital Programs for Fujitsu, the leading Japanese information and communication technology company. Approximately 162,000 Fujitsu people support customers in more than 100 countries.

View Website

CONTRIBUTORS

A Ray of Digital Sunshine During a Hurricane Portends Big Changes in One of the World’s Largest Industries

A Ray of Digital Sunshine During a Hurricane Portends Big Changes in One of the World’s Largest Industries

A Ray of Digital Sunshine Here’s something that will bring a smile: As hurricane Irma was about to slam into ...
IoT: Penetrating the Possibilities of a Data Driven Economy

IoT: Penetrating the Possibilities of a Data Driven Economy

Data Driven Economy All of us are accustomed to the smart wearables, such as the ones we wear on a ...
Security and the Potential of 2 Billion Device Failures

Security and the Potential of 2 Billion Device Failures

IoT Device Failures I have, over the past three years, posted a number of Internet of Things (and the broader ...
The Security Gap: What Is Your Core Strength?

The Security Gap: What Is Your Core Strength?

The Security Gap You’re out of your mind if you think blocking access to file sharing services is filling a ...
Top Security and IT Priorities for 2017

Top Security and IT Priorities for 2017

Top Security Priorities By 2019, cybercrime is expected to cost businesses over $2.1 trillion globally according to Juniper Research. Needless ...
4 Open Source Business Intelligence Tools For Big Data Reporting

4 Open Source Business Intelligence Tools For Big Data Reporting

Open Source Business Intelligence Tools It’s impossible to take the right business decisions without having insightful information to back up ...
security wordpress 101

WordPress Security 101 – Securing Your WordPress Installation

WordPress Security 101 Roughly 37,000 websites are breached daily. Considering WordPress powers at least 53% of all websites, you can bet a lot ...
Malware Will Cripple Cloud And IoT Infrastructure If Not Contained

Malware Will Cripple Cloud And IoT Infrastructure If Not Contained

The Malware Cloud Concern This year we’ve had two cyber attacks in which malware was used to cripple government computer ...

NEWS

OVH Announces New Hosted Private Cloud Offerings for US Market

OVH Announces New Hosted Private Cloud Offerings for US Market

OVH delivers next-generation services for hosted private cloud, disaster recovery, and hybridity leveraging industry-leading solutions RESTON, VA--(Marketwired - Nov 20, ...
HPE CEO Whitman's surprise exit stumps Wall Street

HPE CEO Whitman’s surprise exit stumps Wall Street

(Reuters) - Shares of Hewlett Packard Enterprise Co (HPE.N) fell 6 percent on Wednesday after Chief Executive Officer Meg Whitman’s ...
Cloud Security Alliance Issues New Code of Conduct for GDPR Compliance

Cloud Security Alliance Issues New Code of Conduct for GDPR Compliance

EDINBURGH, Scotland, Nov. 21, 2017 /PRNewswire-USNewswire/ -- The Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices ...

SPONSORS

Internet Performance Management In Today’s Volatile Online Environment

Internet Performance Management In Today’s Volatile Online Environment

Internet Performance Management It’s no exaggeration to say that the Internet is now the heart of the global economy. Competition ...
How Printers Help Hackers Hide In Plain Sight

How Printers Help Hackers Hide In Plain Sight

Printers and Hackers Spies and thieves often do their best work by hiding in plain sight. No one suspects the ...
The Skill & Training Mandates of Big Data

The Skill & Training Mandates of Big Data

Big Data Mandates For some years a dearth of data scientists and analysts has caused concern, with McKinsey expecting a ...