The increasing popularity of cloud computing and always-connected mobile devices has led to more and more businesses migrating their data and software onto the cloud. The cloud brings with it reduced costs, increased mobility and easier scalability, amongst other benefits.
At the same time, however, the cloud also brings with it issues related to data privacy, security and residency. Although it would be counter-productive to turn your back on the cloud because of these issues, that doesn’t mean that you have to accept these risks as being part of cloud computing.
Recommended Reading: The State Of IT Security
If you’re running a business and want to take advantage of the cloud while still keeping your data secure, here are five tools to look at.
Cloud Apps And Shadow IT
But first, a bit about "Shadow IT."
The term refers to IT systems and services used without the knowledge and approval of an organization. It is not a new phenomenon, but has become a greater security risk with the rise of cloud computing, and the potential for SaaS applications being used without the company’s knowledge.
This only adds to the problems related to data security and privacy. Since the company is not aware of these apps being used, it’s impossible to implement policies to ensure the security of company data with these unknown cloud applications.
Three of the five applications in this list aim to mitigate this danger by implementing cloud application detection.
Bitglass, currently in beta, provides transparent protection for your business’s data. Useable on computers and mobile devices, Bitglass aims to reduce the risk of data loss and maintain your data’s visibility, even within the cloud as well as on mobile devices.
Bitglass combines a few different types of security into one package. As far as cloud applications are concerned, Bitglass is able to detect the usage of cloud applications and also encrypt data uploaded onto the cloud.
Bitglass can also track your business data anywhere on the Internet, so you maintain visibility even when employees upload data onto personal file-sharing services. In addition, Bitglass protects your business against the risk of lost or stolen mobile devices. Bitglass can also wipe data on a mobile device without needing to install any agents onto the device.
2. Skyhigh Networks
Skyhigh Networks discovers, analyzes and secures your use of cloud applications. It uses logs from your existing firewalls, proxies and gateways to quickly discover what cloud apps your employees are using.
From this, it provides you with a customizable risk assessment of all the cloud apps that are currently being used. Skyhigh’s analysis tools are able to detect inconsistencies in your security policies as well as potential data leaks.
Finally, Skyhigh Networks has what it calls 3-Click Security, which uses reverse-proxy technology to grant contextual access to the cloud, implement consistent policies across clouds and allow direct access to clouds without needing VPNs or device agents. In addition, Skyhigh can encrypt data and implement data loss protection.
Netskope is a service that discovers and monitors cloud apps and shadow IT used on your network. Netskope monitors users, sessions, shared and downloaded content as well as the shared content details, and provides detailed analytics based on this information.
These analytics also allow you to ask business- or security-related questions in order to identify weaknesses or opportunities. In addition, Netskope’s analytics can construct a detailed audit trail in the event of security problems.
Netskope’s fine-grained policy enforcement means you can allow your employees to use their favourite cloud apps while only blocking unwanted activity. Your employees can continue using cloud apps for increased productivity without any compromise on your data security.
CipherCloud is a cloud security software suite that works by encrypting or tokenizing data directly at your business gateway. Unlike the previous services, CipherCloud does not aim to discover shadow IT, but to ensure the security of data contained within known clouds.
CipherCloud encrypts data during the upload process, and decrypts during download. The encryption keys used for this process remain within your business network; thus, unauthorized users accessing data in the cloud will only see indecipherable text.
CipherCloud also comes with built-in malware detection and data loss prevention. There are specific builds for commonly used cloud applications such as Salesforce, Office 365, Gmail and Box, as well as a variant that can be configured to work with any cloud-based applications your business uses.
Okta differs somewhat from the previous solutions, in that Okta’s goal is to provide secure Single Sign-On (SSO) for all the cloud, on-premise and mobile applications used in your business. Okta is pre-integrated with common business applications from Google, Microsoft, Salesforce.com and others.
Okta’s features include automated user management, support for mobile devices and applications, multifactor authentication and flexible security policies.
It also provides audit logs, thereby enabling you to trace user access to cloud apps, as well as the ability to set access policies from a centralized position. Role-based administration is also available, which provides detailed granular control over Okta’s features and the administrative rights for these features.
Each of these services attempts to tackle and provide solutions for the data security issues present with cloud computing, yet their suitability for your business will depend entirely on your security needs and problems.
If shadow IT is a problem, perhaps Netskope or Skyhigh Networks will be the service for you; if encryption and the ability to trace your business’s data regardless of location is of a higher priority to you, Bitglass has to be first on your list.
At the same time, however, it’s important to remember that these services will not be able to rectify certain fundamental issues that might lead to compromised data security. If your employees resort to shadow IT cloud applications, perhaps you should look into why they feel the need to bypass your business’s IT department. And if your employees keep downloading business data in order to continue working at home, you should ask why they feel the need to do so.