Sam DevSecOps

Why DevOps is Quickly Becoming DevSecOps

DevSecOps Industry Trends Trends move quickly in the information technology industry, but one that seems poised to stick around for the long haul is DevOps. DevOps is a concept that brings together best practices in software development and IT operations at the same time to
AI is Changing Marketing Strategies

Ways in Which AI is Changing Marketing Strategies for Businesses

AI Is Changing Marketing Strategies Artificial intelligence is computerized intelligence that simulates human behavior through computer apps, software and through other channels. These apps include the Facebook share dialog that lets you broadcast a personal story on your timeline, or on a group without having

The Security Gap

You’re out of your mind if you think blocking access to file sharing services is filling a security gap. You’re out of your mind if you think making people jump through hoops like Citrix and VPNs to get at content is secure. You’re out of your mind if you think putting your content in the cloud is dangerous. The truth is that top tier cloud storage is more secure than most organizations’ on-premises data centers. Consider that most of the high profile data breaches have been on on-premises data centers.

During an Enterprise Content Management (ECM) assessment project, I mentioned to a client (in Canada) that I was willing to bet that some of their users were using consumer file sharing services. There were noddings of heads, murmurs of assent, and an “OMG how does he know?

cloud-client-shocked

(Image Source: Shutterstock)

In a meeting less than five hours after I mentioned it, an executive from one of the stakeholder groups got a call from security stating that her team was violating policy by using a well known consumer grade file sync and share (FSS). This client had deployed an ECM platform; one of the key drivers for the platform was sharing of content among collaborators. Consumer grade FSS services were not supposed to be necessary. One of the key inhibitors is Citrix.

What Options?

cloud-cloudtweaks-comicSo, what do the users do? They email documents to each other. They store stuff on local drives. They get laptops with intellectual property and personal information stolen, and can’t wipe the laptops or recover the content. They use cloud services to store sensitive information. And security struts around proudly thinking they’ve done something. They have; they’ve created a security hole bigger than the one they tried to plug with Citrix.

I mentioned to the client that they may want to use an Enterprise File Syncing and Sharing (EFSS) service. Their Director of IT Infrastructure told me that the executives were scared of any cloud service that stores data in the U.S. because of the PATRIOT act. Really? Do they not know that Canada has an equally odious piece of legislation? Do they not realize that if the U.S. government wants to get at stuff in Canadian data centres they will? And dig this … some of the better known cloud providers have been working on tools that would let the customer (that’s you, btw) maintain control of, and access to, encryption keys. No more sneak attacks by the government. Hey, they can still come to you and ask, but at least you’ll know, no? Can you imagine!?!

Blocking access to file sharing services doesn’t work. People will find other ways to connect (e.g.: phones make great wi-fi access points) or email documents around.

Instead of blocking access to consumer services, IT and security ought to:

  1. find out why staff is using the services in the first place;
  2. identify and provision SECURE enterprise grade services;
  3. develop appropriate policies for using EFSS services, including remedial action for violating the policies.

If staff are using consumer services to share business content, it’s a pretty safe bet something is wrong with the corporately provided tools. Fix them.

Part of the fix may actually be to provision EFSS to staff. Think about this for a moment; EFSS providers make money by providing a secure way for people to share content and collaborate.

How do you make money? What’s your core strength?

By Chris Walker

Chris Walker

Chris is an independent consultant that is involved in the Information and Content Management space. Chris is also a prominent keynote speaker and writer who has published articles on sites such as CMS Wire and Tech Target.

View Website

BRANDED COMICS FOR YOUR NEXT CAMPAIGN

Get in touch with us regarding our introductory rates!

Exploit the Economics of Artificial Intelligence with Design Thinking and Data Science

Exploit the Economics of Artificial Intelligence with Design Thinking and Data Science

Economics of Artificial Intelligence In my most recent blog “Design Thinking Humanizes Data Science”, I discussed how Design Thinking and ...
The Current Wave of Smart Home Technology

The Current Wave of Smart Home Technology

The Future of Smart Home Technology Some say the vision of smart homes kicked off with the invention of household ...
Collaboration and Beyond: Four Technology Trends That Will Have Maximum Impact

Collaboration and Beyond: Four Technology Trends That Will Have Maximum Impact

Collaboration Trends Four Technology Trends 2017 is coming to an end, which marks the time of year when we take ...
Using the Digital Transformation Journey Workbook to Deliver “Smart” Spaces

Using the Digital Transformation Journey Workbook to Deliver “Smart” Spaces

Key points of this blog include: Digital Transformation sweeps aside traditional industry borders to create new sources of customer and ...
Apcela

Why Enterprises Need Communication Hubs for Today’s WAN

Enterprise Communication Hubs As early as 2014, Gartner analysts were touting the benefits of communication hubs as a means to ...

How to develop an IoT strategy that yields desired ROI

/
This article is the second in a four-part series designed to help companies maximize their ROI on the Internet of Things (IoT). In the first post, we discussed how IoT can transform businesses. In this ...

Oracle Powers Full BIM Model Coordination for Design and Construction Teams

/
Press Release Oracle Powers Full BIM Model Coordination for Design and Construction Teams Aconex cloud solution connects all project participants in model management process to eliminate ...

Amazon Transcribe is now available in Asia Pacific (Seoul) and EU (Frankfurt) with added language support for Spanish (ES)

/
Amazon Transcribe is an automatic speech recognition (ASR) service that makes it easy for you to add speech-to-text capabilities to your applications. Starting today, Amazon Transcribe becomes available in two new AWS regions, Asia Pacific ...