With Christmas just around the corner, there is cheer all around—people are up and about visiting friends, wishing them the very best for the times ahead and sharing gifts. Now, all of us have our own little secret list and for many of us it will mean that we will have at least one additional gadget which most likely will have the ability to access the Internet directly. We’ll download our favorite apps, and share pictures of the parties over Dropbox (or whatever your favorite cloud storage app happens to be). Once back at work, we will bring this new device along since it is so much better than the one we were using earlier. More apps will be installed and soon we’ll be accessing, annotating, and sharing documents and spreadsheets that contain specs of the product you are working on.
Some version of this plays out in all our lives. Work is no longer a place one goes to; it is simply what we all do—whether within the four walls of an office building or the proverbial coffee shop (no wonder coffee shops around the country do fantastic business). Users use apps without particular thought on what corporate IT may have rolled out. They’ll use Chatter for some of the interaction and use Evernote to keep all their meeting notes that have links to Google Docs, which is where another group keeps the reviewed documents. What is familiar becomes convenient; process or no process. This is the landscape that today’s IT is working in—while an inventory of apps from after the fact logs from some on-premise network “security” device is good enough for some rote stats shown in baseball cards, it is simply a start. This is where the analysis for cloud-resourced apps really begins.
As we engage with companies across different verticals, many of the key tenets of the how they intend to secure usage of cloud resourced apps are all remarkably similar. The goal of all the companies we are working with is to make data driven decisions.
Every company is interested to get a holistic view of the access that is happening across all the apps—not just the apps that have been officially bought that someone in the IT organization has administrative rights to. They expect to know not only when an app is accessed from a browser but also from its native client. They want to know how these apps are being used—activities performed and data shared within or from these apps—not just a collection of URLs that have been accessed. They want to know if any sensitive information is being shared outside of the company. They want to be told when anomalous activity is observed and want to have a direct manner to influence the end user behavior. And every company wants to deploy the potential solution as per their operational environment, not the one way a particular vendor deems appropriate.
If this sounds like your company, contact us at Netskope and we’ll share with you the tools that will help truly enable cloud security for any app.