backlink free directory. site rank » Trusted SEO Web Directory » Ethical SEO » Better Traffic » Higher Sales




Top Hits       Articles & Tutorials       WEB SEO Directory Statistics       Latest Websites       Suggest Article  

Article Home » Computers » Security

Steps to Safe Cloud Services Adoption

Submitted on: Tue, 06 Aug 2013 06:44:33Views: 369
Enterprises Cloud SaaS and IaaS are an unstoppable force sweeping through organizations large and small at a breakneck pace. The rapid adoption has allowed anyone in an organization with a Web browser and an Internet connection to take over (and pay for) traditional IT department functions such as email, storage and backup, and collaboration tools. As a result of this rapid shift, IT consultancy Gartner estimates that by 2015, 35% of IT spending will come from budgets outside of the IT department. That figure will grow to 90% by the end of the decade. The benefits of these fast-growing cloud services are undeniable and include service agility; wider choice of products; ease of collaboration; fast, cheap deployment, and swapping fixed capital expenditures for variable operating costs that can be ratcheted up or down to meet demand. While enterprises have long leveraged traditional cloud services such as and Office 365, employees increasingly use popular but lesser known services, such as Evernote (social bookmarking and document sharing) and Prezi (online presentation tools). They also log into SaaS services while at work for personal needs including photo sharing (Instagram), and social media (Twitter). To quickly build and test applications, developers at enterprises rely on cloud IaaS products such as Amazon Web Services, Rackspace and Heroku. From developers to marketers to salespeople, employees are accessing and using these cloud services with or without their IT department’s permission or knowledge.

Few, if any, CIOs know exactly how many services are in use on their networks, let alone which services are in use. According to a Jan. 2013 survey undertaken by Symantec[2], 77% of businesses have suffered rogue cloud deployments or unauthorized uses of cloud services. This lack of information means that IT organizations have no way to secure their networks against risky services or manage and mandate safe cloud service use by employees. IT organizations also struggle to maintain cost control over cloud services and to unify cloud service usage under more economical enterprise-wide contracts. Some of the world’s largest financial, health care and technology enterprises have successfully deployed Skyhigh Networks’ Cloud Services Manager product suite to leverage the benefits of cloud services and manage employee usage while minimizing the security risks and controlling costs.
Gain Visibility
The first step towards controlling cloud service usage and minimizing cloud services risk is to gain complete visibility into which services employees are already using. This is no simple task. Estimates of the total number of cloud services functioning right now range from ~2000 to over 5,000. New cloud services emerge every day. Any new application coming onto the market has a significant cloud component for backup and synchronization, at a minimum. It is also important to understand the breadth of the cloud security services universe. For example, if an employee visits a popular industry blog and writes a comment, chances are that the employee has registered and then logged into Disqus, the most popular blog commenting platform. Disqus is actually a cloud service. An employee working on an open source software project probably uses the GitHub repository system to store source code. This is another major cloud service that flies under the radar. Popularity of cloud services varies significantly by region and by platform. While DropBox is a popular sharing platform in the U.S., in Eastern Europe a service called 4Share is far more popular. For these reasons, establishing a solid cloud services policy and management strategy requires complete visibility and understanding of cloud service usage.

The only way to attain this visibility is through detailed log-file analysis, mapping back services accessed to business units and individual users. Initially, this is a “snapshot” that provides a baseline of cloud services accessed by employees. Log-file analysis alone is not sufficient. The analysis must be pushed into a simple-to-consume dashboard that allows lesser trained IT administrators to view a list of all services running and key details about those services (type of service, location of physical servers, potential risks of service, etc). For any cloud services management strategy to remain effective over extended periods, the snapshotting process must be moved towards a regularly discovery period done weekly, daily, hourly or even in real-time. This is essential because the cloud services landscape is evolving very quickly and a log-file analysis has a very short half-life both in terms of services accessed but also risk profiles of the specific services and even service details (ports accessed, types of service calls, communications protocols used).
Gain Service Insight and Analysis
The second step towards putting in place a strong cloud services management strategy is gaining insights into which services present the most risks. This is possible and relatively simple once an IT organization has obtained full discovery of all services in use. At that point, the IT security team should bucket the services into broad categories in order to compare similar services and perform comparative risk analyses. For example, employees in one unit may be using while those in another use Google Drive while those in another use SugarSync and 4Share. may present a very low risk while 4Shared is a very high risk. SugarSync, in comparison may be an acceptable risk. Once those risk assessments are completed, IT and cloud security services managers should identify the services with the lowest risk in a category and consider establishing a commercial relationship with the provider. With or without such a relationship, the IT security team can promote the lesser risk services across your employee pool while discouraging or blocking the use of higher risk services in the same category. Just like the log-file analysis and visibility exercises, cloud services risk assessment is a continuous activity that may require temporary halts or lockdowns on specific services. For example, the recent password breach at Evernote increased risk of that service until the breach was addressed.[3] Enterprises using Evernote should have reassessed their Evernote usage to minimize their risk exposure.
By sequentially following the methodology explained in this article, CIOs can quickly gain control of their cloud services exposure. More importantly, CIOs can transform their role inside the organization from that of a naysayer to a business enabler and an inclusive contributor to improved business operations via smarter cloud services usage and proactive cloud service selection. A well-executed cloud services strategy, used in conjunction with specialized tools such as Skyhigh Networks’ Cloud Security Manager, can deliver significant business benefits while actually improving enterprise IT security through full transparency and visibility. for more details visit

» Latest news on : Security
» Google News for: Steps to Safe Cloud Services Adoption

Lates tweets about Computers / Security

From @jamesdarwin101 on Fri Nov 16 07:46:55 EST 2018
RT @mr_spongebob15: Some pictures of MYX VJs! Dami mong security Sharlene!☹️💞 #MYXSlamJam2018
From @ThunderGawdKen on Fri Nov 16 07:46:55 EST 2018
RT @mattzap: CAN CONFIRM: Julian Assange has been charged, and prosecutors revealed it inadvertently in a court filing…
From @housenga on Fri Nov 16 07:46:55 EST 2018
RT @JillWineBanks: Julian Assange has been charged, prosecutors reveal inadvertently in court filing
From @susan_mangione on Fri Nov 16 07:46:55 EST 2018
RT @JudithCJones2: @LindaMusgrove9 @wvakitty @LiQuiDQuB @bjo9728 @dkfoster17 @UncleSamatha @AMBAMERICA @Real_AzKyle @gilli5 @ZeeInTheMoment…
From @cotetenplus on Fri Nov 16 07:46:54 EST 2018
RT @kbts_sci: いったい何が…。米ニューメキシコ州の山中の天文台が先週から謎の閉鎖中。職員らが退避させられ、FBIや米軍が臨場したそうです。関係者の口は堅く、何らかの捜査が行われている模様。現場は1947年のUFO事件で知られるロズウェルに近く、謎が謎を呼ぶ展開に。…
From @Yuzzpy on Fri Nov 16 07:46:54 EST 2018
RT @gigazine: サイバーセキュリティー担当大臣にも関わらず「PCを触らない」「USBが何か知らない」日本の政治家に世界中が騒然
From @lifeofwomen on Fri Nov 16 07:46:54 EST 2018
RT @LogicomDisti: Migrate your customers to the most powerful #SMB portfolio today. Whether it’s #switching, routing, #wireless, security o…
From @darrenoleary825 on Fri Nov 16 07:46:54 EST 2018
RT @GazaTVNews: 💥Breaking News💥 At least 2 Palestinian protestors have just been killed by Israeli sniper gunfire east of Gaza, as Palestin…
From @AmaClete on Fri Nov 16 07:46:53 EST 2018
RT @MollyJongFast: The greatest scam since Amway.
From @m49D4ch3lly on Fri Nov 16 07:46:53 EST 2018
RT @R3sp_Cyb3r: Cyber Feminist: Enterprise Security ‘Needs More Diversity’ -
Copyright © 2008 - 2011     VIC Consulting - WEB Development, website promotion & SEO services
Autos neuves et usagées | Ottawa used cars, furniture & real estate | Toronto Computers Security
Follow webseodirectory on Twitter