ALL >> Computer-Programming >> View Article
Shadow It Also Brings Shadow Costs
Total Articles: 56
When Susan Emsley, a nurse at Stanford Hospital, uploaded patient records to Dropbox, she felt like she was improving quality of care. With access to records across computers and mobile devices, doctors could immediately find information to make better decisions. “I mean, we all thought that this was a great way to put information at everyone’s finger tips and manage it electronically.”
Everything went well until Dropbox experienced a major security breach. Under the Health Insurance Portability and Accounting Act (HIPAA) the hospital was required to notify the 13,000 patients whose privacy was potentially compromised because their records were stored on Dropbox during the lapse in security, igniting a multi-million dollar lawsuit against the hospital.
The cloud is transforming business for the better, making employees more productive and the business more agile. Whether you take a cloud-first approach to major technology projects, or have a wait-and-see approach, employees in the business are using a plethora of different services and apps to do their jobs at the office and anywhere with an internet-enabled device. The average company now uses 626 different cloud services and this number is growing every day. But for CIOs, CISOs, and IT organizations, these unmanaged cloud services are causing concern about the privacy, security, and compliance of corporate data.
Most employees don’t go through an extensive vetting process before signing up for a new service on their computer or mobile device. Many cloud services don’t have enterprise-grade security. In a recent report, found that only 11% of cloud services were ready for the enterprise. Among cloud services:
• 15% multi factor authentication
• 4.3% have ISO 27001 certification
• 11% encrypt data at rest
IT organizations aren’t only worried about the company’s data when it leaves the building, the cloud presents a new platform to launch malware. That’s why the cloud is a top concern among enterprise IT and also being brought up more in risk management conversations. IT Security teams need a framework to assess the risk posed by cloud usage, track this risk over time, and take steps to reduce this risk. Having a quantifiable, objective framework also removes emotion from the equation and allows IT to have a data-driven conversation about balancing the benefits of cloud with the risks.
Before you take any steps to reduce the risk of cloud usage at your company, you first need to assess your current risk. You can think of this step as establishing your baseline level of risk, but you’ll use this same process to evaluate risk going forward. Starting this now is important so you can measure the impact of your changes and demonstrate all the risk you’ve reduced after you’re done. There are two main drivers of cloud risk: the risk of the cloud services based on their security controls, and the type of data and usage patterns of those services.
Each cloud security service presents different risks to your company’s data. A cloud service that stores data unencrypted, is hosted in an unfriendly foreign country, and asserts ownership over the IP uploaded to the service is inherently riskier than a service that does the opposite. Then there’s the use of the service that presents risk. When regulated data like social security numbers or credit card numbers makes it way to the risky cloud service, the company is at greater risk than if less sensitive data like lunch menus were uploaded to the same service.
Skyhigh Networks, the cloud access security company, enables companies to embrace Cloud Analytics Services with appropriate levels of security, compliance, and governance while lowering overall risk and cost. With customers in financial services, healthcare, high technology, media, manufacturing, and legal verticals, the company was a finalist for the RSA Conference 2013 Most Innovative Company award and was recently named a "Cool Vendor" by Gartner, Inc. Headquartered in Cupertino, Calif., Skyhigh Networks is led by an experienced team and is venture-backed by Greylock Partners and Sequoia Capital. For more information on Shadow IT to Visibility and Cloud Control, visit us at http://www.skyhighnetworks.com/shadow-it/ or follow us on Twitter@skyhighnetworks.
Computer Programming Articles1. Reasons To Choose Indian Offshore Development Company For Outsourcing Your Business
Author: GRsoft Solutions
2. 3 Important Tips On Hiring The Best Digital Marketing Agency In Florida
3. Uber Parcel Equivalent To Uber Taxi
Author: Archie Cadell
4. Ibm Bpm Job Support
5. Website Design And Development Brampton
6. How To Configure Mozilla Firefox? By Mozilla Firefox Technical Support Number 1-800-299-0962
Author: Jhon Martin
7. App Store Seo | Development Of Your Mobile Application
Author: Richelle Guo
8. Create Your Outstanding Website|codefingers Technology
Author: code fingers
9. Buy Customise Uber App Clone In Rtl Or R2l Language
Author: Archie Cadell
10. What Are The Most Important Hadoop Challenges?
Author: Mind Q Online
11. Why Bots Matter
Author: Julia Rogers
12. Best Windows And Linux Web Hosting Company In Usa - Deedok
13. Get Your Aso Services Here|codefingers Technology
14. A New Teaching Experience With On Demand Uber For Tutors Application
Author: Felica Carroll
15. The Indispensable Traits Of An Ideal Uber Clone
Author: Archie Cadell