Enabling Cloud Service Adoption Through Frictionless Corporate Data Protection

By Author: skyhigh networks
Total Articles: 54
Comment this article

In a casual discussion last weekend my teenage daughter observed that human evolution is slowing down because technology allows us to compensate in areas in which nature otherwise would have extinguished those genes. We can discuss the merits of that observation some other time but it got me thinking about the converse: evolution that is accelerated by technology. Whether you call it evolution or not, we are getting less patient with friction in our use of technology. We want our choice and we want it now, and the myriad of choices is making it more challenging to define the new baseline. Let me elaborate.

In the consumer IT world we click on a link, perhaps create an account, and we start to use Box, GDrive, Dropbox, and a host of other cloud services (in the enterprise IT world we will want to use Salesforce, Jive, ServiceNow, and host of other cloud services too). No friction. In the worst case we may have to pull out our credit card, but we don’t have to fiddle around with downloads, agents, PAC files, VPN clients, backhauls and other similar sources of frustration which cause friction and impede our experience ...
... using the service. Then why put up with this friction when using these services in the enterprise? Because enterprise IT organizations require it to reduce risk and maintain security, compliance, and governance. They have no other way to enable you to use the cloud services you care about while protecting corporate data going to and from the cloud service.

Let’s look at the world from the point of view of the enterprise IT organization. IT organizations are as uninterested in adding friction to your experience as you are. In fact, they too want to enable you to use the cloud services you care about while protecting data and with a similar experience where they can swipe a credit card and go. Just as you don’t want downloads and agents, they too would prefer not to buy appliances, install them, operate them, manage them, upgrade them, support them, etc. They too want to avoid friction, but they have no other way to protect corporate data while you use the Cloud Security Services you care about.

Now let’s look at the evolutionary aspect of choice – there has been chapter and verse written about choice which is manifest in terms like consumerization of IT, Bring Your Own Device (BYOD), Bring Your Own Cloud (BYOC), etc. In some sense choice is related to friction: I want to choose the IT environment that makes me most efficient. Or put differently, I want to choose the IT environment that offers me the least friction in getting my job done.

We know mobile is here to stay (and grow) – the days of being chained to our desks is dark history. We know cloud is here to stay (and grow) – the days of requiring our employees to only use applications that are hosted and operated by enterprise IT is also history. The new frontier for enterprise IT is the quest to enable the obvious mobile-to-cloud interaction while protecting corporate data and without introducing any friction.

Now to protect corporate data, enterprise IT Security and Risk organizations need to enforce policies like data encryption and tokenization, data loss prevention, and access control based on the context of the access. Common aspects of context include who is making the access, what service is she accessing, what data is in the service, from what device is the access initiated, and from which location. However, modern threat vectors also require us to understand if the access is somehow anomalous which may indicate a data breach and then take corrective action – encrypt, tokenize, block, alert – based on that analysis.

But with so much simultaneous churn in the number of devices and services being used by our employees today, it is becoming a challenge to determine what is normal behavior and therefore what is anomalous behavior that needs further inspection or corrective action.