For those of you old enough to remember the TV comedy series “Get Smart” featuring a spy that used his shoe for a phone, the good guys belonged to an agency called “Control,” and the bad guys were affiliated with “Chaos.” This month “Get Smart” celebrates its 50th anniversary, yet CIOs continue to struggle in a seemingly never-ending battle to restore control in a chaotic, cloudy world in which data security is less than transparent.
Much like the BYOD trend, the use of cloud-based services for sharing files is widespread and it’s likely that if you’re a CIO, your employees are already using them, whether they are officially sanctioned or not. Dropbox has led the charge to offer cross-platform file syncing for your personal files, and all the major players have followed suit, from Google (Google Drive), to Microsoft (SkyDrive), to Apple (iCloud). There’s also Box, Sugarsync, and many others. For consumers, they are perfect, providing easy instant access to photos and documents from any device. That familiarity and accessibility is why they’ve crept into the enterprise.
If you don’t take immediate action to regain control over your assets, then there’s a real risk you’re going to lose data. According to an article from Business Cloud News, a recent survey conducted by Fruition Partners of 100 CIOs found that 90% believe unsanctioned use of cloud services has created long-term security risks.
The solution to regaining control over IT is relatively simple, enterprises just need to adopt newer technologies and services so their employees don’t feel the need to use outside sources. If employees had a company-wide, cloud-based file-sharing service they could use just as easily as Dropbox then they would use it, and IT would have no worries that the information wasn’t secure and in their control.
Many CIOs see the need to bridge their internal communications people with their managed services provider (or MSSPs) on how best to educate employees about cloud services limitations, so that upper management feels confident about using cloud services in the first place. Before contracting with an MSP, make sure you ‘get smart’ and ask these questions:
When an enterprise selects a cloud solution it’s paramount to ensure that the enterprise has in-house controls, so you know exactly where your data is and who has access to it at all times. Make sure that you know what your cloud service partners can commit to. Don’t assume that your data is safe when you can’t even say exactly where it is.
And, speaking of ensuring that you do all within your own control to keep your data safe, protect your sensitive data with strong encryption before transferring it into the cloud. Some storage providers may offer server-side encryption, but encrypting your data on your own might be wiser. Control today, avoids chaos tomorrow.
This article was recently published in Network World.