If you’re not in the cloud, you’re just not in. According to a leading security vendor, enterprises are now using over 900 SaaS apps on average. That’s a pretty whopping number—up 21% from last year, and it’s only going to keep going up. With so many great cloud apps available for everything from project management to document sharing and collaboration, they can be really beef up employee and overall company productivity. But (and there’s always a “but” isn’t there?) the problem with all these great apps is that not all of them are operating within sight and control of the IT department. In fact, the Ponemon Institute recently reported that about half of cloud services being used are not deployed by IT, and almost half (44%) of corporate data stored in the cloud is not under its control. Um, that’s an awful lot of unsecured data floating around out there in the cloudosphere.
All the apps and data floating around outside the control of IT are called Shadow IT. Sounds sinister, doesn’t it? Well, it kind of is. The risks posed by Shadow IT—including data security and corporate compliance—are real, and have given rise to a new breed of cyber security guards: Cloud Access Security Brokers or CASB. That’s us. (Hello! So nice to meet you. Can we show you around?)
CASB’s are patrolling the perimeters to keep the riff-raff (hackers, disgruntled employees, careless folks who don’t get why they can’t just send all that sensitive information via their personal Box account) out and keep the goods (your precious data and sensitive information) safe. We discover, monitor, and control the five W’s of Cloud apps in your company:
- Who’s using Cloud apps?
- Which apps are they using?
- What data are they sending?
- Where are they using them? (On-site or off?)
- Why are they using them?
- How are they using them? (Company or personal devices?)
(Ok so technically that was 5 W’s and an H, but you know what we mean.)
Funny thing about CASB’s though—most of them are SaaS apps. So the first step you have to take in order for them to discover what information is being passed between your employees and the open waters of the Cloud is to upload sensitive data logs to—you guessed it—the Cloud. Does anyone else see the problem with this picture? If I came to you and said, “Hey, I’ve got all these great photos but I need to protect them better because my roof is leaking and I’m worried they’re going to get wet,” and you answered, “No problem! Give them to me, I’ll keep them safe in my bathtub,” that wouldn’t really solve the problem, would it?
Here’s the good news. With Managed Methods, you don’t have to upload your sensitive information, activity logs, or metadata to the Cloud. While we do offer cloud-based solutions, we also offer on-premise and hybrid solutions. Cloud Access Monitor lets you discover, monitor, and control cloud app usage in real time. It’s super easy to deploy and use, not to mention affordable. (It’s all about the Benjamin’s, right?) Cloud Access Monitor works by accessing a SPAN port on a switch or firewall, which can be done live on site or remotely. We analyze, archive, and report on activity, to help you reduce your risk.
Check out this white paper to learn more about Shadow IT threats and Cloud Access Monitor solutions. You can even start your free trial today—why wait? Shining the light into your Shadow IT is the first step to securing it.