123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

Carefully Monitor Cloud Policy Exceptions For Misuse

Profile Picture
By Author: Lauren Ellis
Total Articles: 35
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

You know the old adage – “For every rule there is an exception.” (Please temporarily ignore the paradox this creates). This saying certainly seems to apply to every cloud access policy I have ever seen. Here are some of the most common examples:

A financial services company sees only risk and no value in providing access to social media platforms from desktop workstations, but then the Marketing group needs to promote the brand on Facebook and Twitter so they are given an exception to use social media services.

A tech company’s sales team is not permitted to access their corporate Cloud Security services like Salesforce from personal tablets without having to VPN into the corporate network. However, when the CEO and VP of Sales want to travel with their iPads only, they are granted an exception to directly access the services they use everyday, like Salesforce, Workday, Netsuite, and Box.

These exceptions make sense. IT wants to enable business units to use the services that help them do their jobs, and sometimes those services exist outside of the blanket ...
... cloud access policies governing day-to-day usage.

So guess what happens when a company has to grant access to a service? There is no easy way to grant access just to a service, so the exception is granted for the entire category. The result: employees are granted broad access to all services in the category, effectively allowing an access level beyond the intent of the policy exception.

Here’s an example – a healthcare company had fairly restrictive cloud storage policies due to the HIPAA and HITECH Cloud Compliance requirements. They prohibited all use of personal cloud storage services, but their CIO was asked to make a policy exception for a newly acquired business unit to use Mozy, an online back-up service. When granting access to this service, they allowed the entire cloud storage category for these users. Only later and by accident did they discover that usage had crept beyond Mozy to several high risk file sharing services including Dropbox, Zippyshare, and Carbonite, creating a compliance and security risk that was in violation of their corporate policies.

The lesson here is that when you grant exceptions, you also need visibility to make sure usage hasn’t unintentionally crept beyond the intended exceptions to new, high risk services that lead to greater compliance, security and governance risks.

Author :
Lauren Ellis is a research analyst covering the technology industry’s top trends & topics, focusing on Cloud Security, Cloud Computing, Data Loss Prevention etc.,

Total Views: 546Word Count: 417See All articles From Author

Add Comment

Computers Articles

1. Fantasy Sports Analytics Through Myteam11 App Real-time Data Extraction
Author: i web data

2. Extract Kroger Grocery Store Locations Data For Expansion
Author: FoodDataScrape

3. What Benefits Can Businesses Gain From Doordash Menu Data Scraping?
Author: FoodDataScrape

4. Amazon Fresh Scraping Api Helped Client To Enhance Market Insights
Author: FoodDataScrape

5. Leverage Web Scraping H-e-b Grocery Chain Data
Author: FoodDataScrape

6. It Gadgets Online: Powering India’s Tech Enthusiasts With Premium Pc Components And Gaming Gear
Author: ITGadgetsOnline

7. Reliable Incubator Monitoring And Refrigerator Alerting Solutions For Critical Environments
Author: Chris Miller

8. Extract Total Wine Data For Flavor And Ingredient Insights
Author: FoodDataScraper

9. How To Utilize Firebase Dynamic Links To Integrate Deep Linking On Ios?
Author: davidjohansen

10. How To Start Web Automation Testing Using Selenium And Python?
Author: davidjohansen

11. How To Perform Firebase A/b Testing On Ios?
Author: davidjohansen

12. Python Pandas Tutorial – A Simple Guide For Beginners
Author: Tech Point

13. Scrape Dubai Restaurant And Café Contact Info
Author: FoodDatascrape

14. Best Online Computer Store In India | Itgo - Itgadgets Online
Author: ITGadgetsOnline

15. Getir Grocery App Data Scraping - Benefits & Best Practices
Author: FoodDataScrape

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: