Should You Block Non-Approved Cloud Apps?
The average enterprise has roughly 461 cloud apps running within its organization (with cloud-based file sharing likely among them). Of course, a good chunk of these apps are likely used for online file sharing – and one would expect that a high percentage of those would not comply with HIPAA, SOX, PCI or any other number of industry regulations. Should companies block these types of non-approved cloud apps?
July 28, 2014
By Michael Brown
According to one recent report, the average enterprise has roughly 461 cloud apps running within its organization (with cloud-based file sharing likely among them). You read that right, four hundred and sixty one! Of course, a good chunk of these apps are likely used for online file sharing – and one would expect that a high percentage of those would not comply with HIPAA, SOX, PCI or any number of other industry regulations.
As you know, this opens an organization up for fines, security breaches and a whole host of other problems. As an MSP (or even as the CTO of a smaller organization) your first instinct is probably to ban these applications. That instinct might be wrong.
Despite the threats that come with consumer-grade file sharing solutions, many companies are learning that outright bans are actually quite counterproductive. More on that in a moment. First, here’s an interesting perspective from CloudLock on Cloud Security Dos and Don’ts:
Don’t block. While blocking may prevent a rush to the end zone, it will not stop users from finding a way to share data into and out of your domain. Most employees just want to be able to get work done without being held back by clunky software, gateways, or other productivity inhibitors. Shift your perspective. Educate the end user as to what tools and applications fall within the guidelines of acceptable use.
Do understand that shadow IT will happen when users are forced to seek alternative ways to achieve their goals. Instead, show them what the expectations are around data storage and creation, then let them run with the ball.
The first point cannot be emphasized enough; employees will always find the easiest way to get work done online. Therefore, by blocking these applications, MSPs could actually be doing much more harm than good.
"Blocking doesn't work, blocking breaks business process," said Jaime Barnett, vice president of marketing at Netskope. "Ninety percent of usage is in blocked apps."
Ultimately, we find that rogue applications are not so much a technical problem for MSPs as they are a communication problem.
In other words, if employees are not explicitly shown how business-grade file sharing works (and how it makes their lives easier) they will continue to go rogue. So how can you convince a client (and its employees) that your solution is just as intuitive and convenient as the consumer equivalent? Easy: by highlighting the features. Here’s a partial list of functionality that users have shown a preference for:
Drag and Drop: Users want a simple way to move files from one folder to another – and the easiest way to do that is via drag-and-drop functionality. This is a staple of most consumer-focused file sharing software applications, but there’s a good chance that your solution offers this same feature. If it does, be sure to highlight that fact.
Notifications and Alerts: Has a document been edited, updated or deleted? These are a few of the key questions that business users always want answered. While admin notifications are critical to a file sharing solution, user notifications are just as important.
Easy Mobile Access: What good is a file sharing solution if data cannot be accessed, edited and shared via a mobile device? Consumer-based file sharing software is almost always accompanied by a native app for iOS, Android, Windows Phone and BlackBerry. Ideally, yours is too.
Version History: Not every change is an improvement. So when a file gets butchered, users want the ability to easily revert back to a previous version.
Collaboration: Users need a file-sharing system that enables them to collaborate – not only with their co-workers, but with outside parties where necessary. As such, they need a file sharing solution that includes guest access.
As an MSP, do you ban (or suggest banning) non-approved applications? If so, we’d love to hear a counter argument to the views expressed above.