Cloud technology is revolutionizing businesses the world over, extending the capabilities of employees to work and collaborate anytime, anywhere on any device. However, what we are seeing right now is that many uses of the Cloud are disorganized, with most Cloud purchasing being organized at the business unit or employee level. This leads to a chaotic distribution of cloud applications that remain outside the control of IT, contributing to a rise in Shadow IT.
In Canada, where cloud adoption is not quite as high as in the US, security concerns remain a top issue with current cloud use. According to an IDC survey of Canadian IT decision-makers, 57% have not adopted client and endpoint protection, 54% have not adopted data classification and accountability, 48% have not adopted identity and access management and 59% have not adopted application-level controls.
One could argue that these findings demonstrate a failure to implement basic data security controls, non-specific to controls for data security in the cloud. An analysis by Data Center Knowledge suggests that organizations may be feeling pressure to become progressively more sophisticated, adopting cloud technologies without thinking through the security ramifications. The survey notes how poorly executed cloud-based technologies can exacerbate security problems for organizations.
Obviously, the cloud isn’t going away. The solution is not to clamp down on cloud use. The solution is to bring that use out of the shadows and into the light. Business-level cloud decisions are inefficient and contribute to problems securing data in all the little pockets where it lives. Organizations must translate that understanding into a strategy that embraces the cloud, with clear executive-driven guidance on organizational cloud use. Supporting that policy would be technologies that back up your policies, providing automated alerts if policies are violated with remote capabilities to remediate these threats.
Staying secure in the cloud is a shared responsibility and the use of tools such as Absolute DDS can help achieve that missing visibility into endpoint devices and the data they contain, even in cloud storage applications. Using Absolute DDS, you can identify corporate devices containing files that are synchronized with cloud storage applications, scanning for at-risk data with remote capabilities to remediate potential compliance violations. Learn more about how to take control of at-risk data in the cloud at Absolute.com