For as long as the term “Shadow IT” has existed, technology vendors have encouraged IT professionals to uncover unsanctioned IT in their organizations so they can block it. And if you think about things from a purely security-oriented point-of-view, blocking makes a lot of sense. But we and our customers are taking a different tack. Our point of view is that blocking any useful technology doesn’t work and ultimately does the IT organization and the business a disservice. Cloud apps like Box, Dropbox, Jira, NetSuite, and Workday help people get their jobs done more efficiently and flexibly. People will always find ways to use cloud apps, even if it means going outside of enterprise policy.
Our view is that with a little diligence, the right data, and the ability to enforce policy in a very precise manner, enterprise IT can eliminate the catch-22 of enabling the cloud while protecting the enterprise. By looking closely at cloud app usage, using granular policies to shape behavior, and using data to have a conversation with users and lines of business, they are eschewing heavy-handed controls for a more nuanced and effective approach.
Earlier today we released a new brief that provides 10 best practices generalize from the thoughtful and creative approach our customers are taking. I’ve included a three here – the rest can downloaded and shared with your colleagues.
The above are ways our customers are taking a lean-forward approach to cloud adoption and enablement while also mitigating risk and keeping their businesses compliant with their policies. What’s cool is not one of the ten examples above includes an outright “no” to a cloud app. While some of our customers conclude that blocking an app is the right approach, it is with the right usage data, the right information about app risk, and the granularity to shape usage with a fine scalpel versus a sledgehammer.
Interested in hearing the other seven?
Download the full “Allow is the New Block” in Action: 10 Alternatives to Heavy-Handed Cloud Control