When business professionals think of IT security, their eyes roll a little bit into the back of their heads. For them, IT security is an annoyance, but we don’t have to accept the status quo. There is more to IT security than putting up speed bumps and barriers to progress. Once you have visibility of your network’s cloud app use, you can make better technology decisions. You can use cloud visibility to consolidate cloud apps, streamline processes and encourage technology leadership.
Create a Strategy
With visibility, you can see how prolific cloud app use is on your network. We know that employees use an average of more than 700 unsanctioned cloud apps, and when you have visibility, you’ll have proof, but IT security doesn’t have to be a top-down pain in the neck for employees. Instead, the focus should be on helping employees and strengthening existing processes. Security improves automatically when businesses follow the best practices for cloud apps use. For example, you can leverage cloud visibility knowledge to answer the following questions:
- What data deserves more consideration?
- Are there existing processes that can be modified and improved?
- Can you consolidate cloud apps and streamline their use?
- Who can you include in the process that would help roll out and maintain these processes?
Answering these questions should be an ongoing process that helps maintain standards over time, so this isn’t a set it and forget it situation. Cloud apps and their third party integrations will quickly make any one-off security strategy obsolete. These questions should be answered by each department and for each cloud app. Left alone, security degrades over time: passwords are shared, rules are broken, processes aren’t followed. Businesses have to be diligent, and should also cede some control to trustworthy employees. These internal partnerships help make IT security everyone’s responsibility. Like Gigamon’s We Fight Smart initiative, security only works through ongoing effort and collaboration.
The Process in Action
Betsy is the head of accounting. Personal employee data is mostly under her control. This data includes social security numbers and other Personally Identifiable Information, such as social security data, which deserves more care than the rest.
Payroll is processed by on-premise software and coordinated with an off-premise, outsourced payroll business. Payroll is an unnecessarily laborious process for her. The personal data is already transferred digitally to the payroll vendor every month, so using a cloud app shouldn’t create additional security concerns. Switching to the cloud app Paycom for payroll would cut costs by over 50% and streamline the payroll process. You put Betsy in charge of the conversion process and create a standard operating procedure for handling SS data.
By answering these simple questions, you gave Betsy a new responsibility, refined a business process and improved IT security.