The number and variety of cloud services offered to enterprises is growing at a staggering rate, and the adoption of cloud services by these enterprises is growing just as rapidly. Gartner says that 72% of enterprises use Software as a Service (SaaS) today and expect a Compound Annual Growth Rate for SaaS of 52.4% off the current base of $14.5B. What's more startling is how much spending on cloud services occurs outside of IT. Gartner predicted that a full 35% of IT spending would take place outside of IT by 2015 - only two years away. By the end of the decade, that figure will hit 90%. This segment of cloud services purchased outside of IT is often referred to as "Shadow IT".
Enterprise employees purchase cloud services for a variety of reasons. They provide rapid scalability, reduce time-to-value, offer agility and ease of use, and enable a shift from capital expenditure to operating expenditure. However, use of these services can come with significant security, legal, and business risks, especially when they are procured and managed outside of IT's visibility and control. In this whitepaper, we will share the best practices used by real companies to reduce the risk presented by the use of approved and unapproved (Shadow IT) cloud services.
While a cloud service anomaly, such as the Twitter example mentioned above, is a very good indicator of malicious behaviour, and investigation must be conducted in order to determine the context and intent of the anomalous behaviour. For example, the user associated with the IP address that had 1M tweets may have simply contracted a malware virus that had seized her Twitter account, or she could have been intentionally leaking confidential data. In most cases, the best practices is to look for a legitimate business use case, compare their activity to benchmarks, and then contact the line of business manager and corporate security to alert them of the issue, monitor their activity, and intervene if needed.
Top 10 Best Practices for Managing the Risk of Cloud Services
1. Identify all cloud services in use & evaluate risk
2. Block all high-risk services & suggest lower-risk alternatives
3. Confirm all corporate data removed from newly-blocked services
4. Alert employees using recently compromised services
5. Detect and remediate policy inconsistencies
6. Search for anomalies in user behavior
7. Conduct investigations into anomalous behaviors i.e. cloud usage patterns
8. Encrypt data going to key services
9. Use Data Loss Prevention Software (DLP) to avoid compliance risk
10. Track progress regularly
Enterprise employees purchase cloud services for a variety of reasons. They provide rapid scalability, reduce time-to-value, offer agility and ease of use, and enable a shift from capital expenditure to operating expenditure. However, use of these services can come with significant security, legal, and business risks, especially when they are procured and managed outside of IT's visibility and control. In this whitepaper, we will share the best practices used by real companies to reduce the risk presented by the use of approved and unapproved (Shadow IT) cloud services.
While a cloud service anomaly, such as the Twitter example mentioned above, is a very good indicator of malicious behaviour, and investigation must be conducted in order to determine the context and intent of the anomalous behaviour. For example, the user associated with the IP address that had 1M tweets may have simply contracted a malware virus that had seized her Twitter account, or she could have been intentionally leaking confidential data. In most cases, the best practices is to look for a legitimate business use case, compare their activity to benchmarks, and then contact the line of business manager and corporate security to alert them of the issue, monitor their activity, and intervene if needed.
Top 10 Best Practices for Managing the Risk of Cloud Services
1. Identify all cloud services in use & evaluate risk
2. Block all high-risk services & suggest lower-risk alternatives
3. Confirm all corporate data removed from newly-blocked services
4. Alert employees using recently compromised services
5. Detect and remediate policy inconsistencies
6. Search for anomalies in user behavior
7. Conduct investigations into anomalous behaviors i.e. cloud usage patterns
8. Encrypt data going to key services
9. Use Data Loss Prevention Software (DLP) to avoid compliance risk
10. Track progress regularly
SHARE
