A step in the right direction during National Cyber Security Awareness Month
October 2, 2013
The lastest on risks from social media in Episode 34 of the Social Media Security Podcast
July 5, 2014

Would your employer dare to take away your access to Salesforce, Box and Gmail?

 

t seems like the momentum is really swinging to allow employees to do whatever they want in terms of accessing the web, as long as they are getting work done. So, you’re empowered to use most Public Cloud apps like Box.net, Salesforce.com and even Gmail. Now, you can really get things done, right?

Public Cloud Services Are Demanding Attention From Security Teams

Well, not so fast. There are a growing number of risks, and some real regulatory compliance issues for business managers and executives to deal with in this area. You might not realize it, but they are starting to lose sleep over all the great new cloud-based and mobile tools you’ve decided you need in order to get your job done.

They have an uneasy feeling that something could go wrong. In fact, it seems like just a matter of time. Will the next security breach come from a hacker, or from an employee accidentally sharing some business document that should have been kept confidential?

The Key Questions You Need to Address

So, I have a few questions for you to ask of your IT management team:

1-  Do you know how you’re going to meet all of the compliance requirements that the Executive Committee has passed down (or is about to pass down) regarding controlling and monitoring corporate employee access to outsourced services – including Public Cloud services like the ones above?

2-  Do you know what kinds of information passing to external partners and employees outside the network perimeter are at risk from unauthorized disclosure and abuse by employees?

3-  Do you know what vulnerabilities are most likely to expose your external data flows to accidental and intentional threats?

4-  Do you know how you will control, monitor and contain external flows to mobile devices used by employees?

5-  Would you like a few tips on how to simplify these very tough questions, so that some of them might actually go away?

Here’s Where You Can Find Some Hints On How To Answer Those Questions

If the answer to any of these is NO, then you might want to suggest that a senior IT manager attend my webcast this week (Wed. April 2, 2014 at 1:00pm ET), where I’ll be exploring these questions, and proposing some answers that could collapse these issues into a much smaller set of challenges than your organization is currently facing.

Or, You Can Just Hope For The Best

On the other hand, if they’d rather spend their waking hours pondering every vulnerability in every mobile operating system and every cloud service provider, that’s up to them. But if that’s the case, I expect that it won’t be long before your access to those essential services you rely on to do your job might become interrupted sometime soon, as audits or hackers bring to light the web of vulnerabilities and unprotected data flows.

(…Cue the scary organ music…)

Click HERE for information on the upcoming webcast mentioned above. If the date is passed by the time you read this, please contact me at the email below to find out when you might be able to catch another session.

Scott Wright

The Streetwise Security Coach

Phone: 1-613-693-0997
Email: scott@streetwise-security-zone.com

Not sure if our services are right for you? Why not ask for a free consultation?

We can even ’test drive’ a demo during our first call to try out any options that are of interest to you.

LET’S GET STARTED