Recently, I had the opportunity to hear the former Kodak Product Manager speak - he was there when the downfall occurred. He said all the criticism he received from the management team about the technology was spot-on. The problem was, they could not see beyond the traditional benchmarks, like picture quality, to understand that the ease by which digital images could be shared would change their business forever. The takeaway is, when you look at the cloud and mobility, look at all it can do, especially those things you could never do before. Don't get caught up on the fact that it doesn’t do things the way you've done them before.
Take a typical office space as an example; many organizations feel their data is safest behind its four walls. Maybe that's because there is a sense of where it all lives, but in today's world, that’s rarely the case. For example, many of us spend as much time working outside the office as we do in it. Organizations are taking on more remote employees in order to acquire and keep the talent they depend on. Desktop PCs have been replaced by laptops, tablets, and smartphones, and many line-of-business applications are already in the cloud. In some cases, employees are already using cloud applications to make their jobs easier. So, does that mean organizations truly know where their data lives, travels, and is safest?
In some cases, organizations feel the cloud will increase risk, but in fact, and with the proper due diligence, the cloud offers greater security and solutions that were previously unattainable for many small-business organizations. The adoption challenge is that this type of security is delivered in very new ways. The major cloud providers such as Microsoft, Amazon, and Google all have their strengths and can show that they have done, and continue to do, extensive work to secure their systems. However, that does not make organizations feel comfortable when it comes to securing access to their data. To alleviate such fears, here's how the security of the cloud comes into play:
- Identity Management: When users connect from anywhere at any time, be assured it's who they say they are.
- Multi-Factor Authentication "MFA": Have a second, physical form of authentication in addition to username and password. It is now easier to own and to use.
- Single Sign-On "SSO": Secure all cloud assets with a single identity that is centrally managed. This also eases access to these applications for users.
- Mobile Device and Application Management "MDM/MAM": Know and secure the devices connected to a company's network, cloud assets, and the data they contain.
- Conditional Access: In an ever-expanding world of employee devices, organizations will not be able to own them all or connect them to a business domain. With cloud security, businesses can make sure devices are compliant before allowing them to connect.
- Data Loss Prevention "DLP": This enables companies to identify critical and sensitive data in the network and cloud assets. With the right policies, organizations can also spell out who has access and how the information is shared (this is a very broad topic and will be covered on its own in the future).
Yes, it’s a lot to think about, compared to the steps used to secure a user and data today. The cloud can change a business model for the better with more security and the risk can be managed by working with a partner who is familiar with best practices. The next blog post will focus on cloud applications, cloud storage, and how to utilize both to transform a business.
To ensure you don't miss out on this series, be sure to subscribe to the SE Blog by clicking on the button below.