The Meaning Of Secure Business Agility

Evelyn de Souza

Secure Business Agility

As cloud continues to accelerate business delivery and shift away the balance of power from IT and InfoSec to business users, organizations need to find ways to ensure that security is part of a business process rather than an afterthought. Today’s organizations are transacting some of their most valuable data and services in the cloud. While the promise of instant availability, convenience and cost are very attractive the damage to brand, reputation and trust could be irrevocable to businesses if security is not built in.

Many CISOs and InfoSec teams continue to struggle with the new order in which business users have unprecedented freedom over how they work, what devices and applications they use to accomplish their work and from where they work. Most want to partner with their business users to figure out optimal ways to engage in cloud services securely but most don’t think of how IT security integrates into business processes. The result is that we often see burdensome processes within organizations where business users have to take extra steps to categorize data or to register new cloud security services. And, in doing so InfoSec and IT might be creating a bigger risk where business users will further make a run around InfoSec and IT. When business users are pressed for time extra processes become doubly burdensome.

Insider Threat Vectors

Over the last year there has been a rise in both accidental and mis-intentioned insider threat vectors. With personal and business lines of work so blurred it’s easy for business users to accidentally drag and drop the wrong attachment into an email, or in the spur of a moment accidentally post a message that alludes or pertains to confidential company information, or post a regulatory-related file on an unsecured file share site in order to make it easier to work on.

The key to secure business agility in the cloud is through ongoing dialog and automation.

evolution-tech

Ongoing dialog:

  • Given the fast changing pace of today’s business environments IT and InfoSec and business users need to have constant check-ins to ensure a fruitful relationship. Needs are going to change rapidly as increasingly more services are migrated to the cloud.
  • Security processes need to be designed to be business intuitive. If business users are going to required to own the data classification process, categories should be few and very intuitive. And, so, too the process for the onboarding of new cloud services.

Automation:

There are now a slew of cloud security services that enable business users to remain agile while preserving security in a less intrusive way.

  • Emerging data security toolsets leverage big data analytics and machine learning to automate the data classification process. Such toolsets should be explored within the business culture, geographies and trialed before going broadscale.
  • Self service portals can be designed with a standard set of security profiles built in. This helps not only automate the cloud security provisioning process but also allows for consistent implementation company-wide and across the many different types of cloud services a company many engage.

As we enter into 2016, I encourage IT and business users to find more meaningful ways to ensure securely accelerate cloud services.

By Evelyn de Souza

Kaylamatthews

How AI Can Keep Documents Secure During the Age of Remote Work

Keeping Documents Secure While remote In response to the COVID-19 pandemic, global businesses have restructured operations to accommodate remote work and telecommuting. Humanity has collectively ...
Ben Ferguson

7 Reasons Why You Should Consider Deploying SD-WAN Alongside Public Cloud Services

Why You Should Consider Deploying SD-WAN Software-defined WAN (SD-WAN) and public cloud IaaS services both offer powerful benefits to virtually any business. Many of these same ...
Ian Hayes

EasyShip – Shipping and delivering across the cloud

The Shipping Industry  Article branded by Easyship Shipping and delivering across the world is as hectic as it sounds, and it can get really chaotic ...
Shopping Ny

3 Leading Dropshipping Platforms in 2020

Dropshipping Platforms Dropshipping has been growing tremendous interest over the years especially with the ability to access and source massive amounts of product inventory online ...
Gilad David Maayan

Accessing (HPC) High Performance Computing

HPC in the Cloud Big data and Machine Learning (ML) can provide businesses with incredible insights and an innovative edge. However, to properly analyze the ...
Or Lenchner

Using an IPPN to fight ad fraud: your questions, answered

Using an IPPN to fight ad fraud It’s a well-known fact: the internet is a marketer’s dream, offering brands the chance to engage with consumers ...
Jen Klostermann

Telemedicine to medical smartphone applications

Telemedicine to medical smartphone applications With the current and growing worldwide concerns regarding the Coronavirus (COVID 19). Telemedicine is more important now than ever. What ...
Kokumai

History, Current Status and Future Scenarios of Expanded Password System

Future Scenarios of Expanded Password System Passwords are so hard to manage that some people are urging the removal of passwords from digital identity altogether. What ...
Patrick Joggerst

Payments Companies Will Always See ROI on Embedded Real Time Communications

ROI on Embedded Real Time Communications Without secure, real time communications applications, the financial services industry could literally come to a standstill. While transactions are ...
Mike Brown

Robo Advisors and the Investment Management Industry

The Future of Robo Advisors Robo advisors are on the rise and they are winning in the investment management industry. When they made their appearance ...