Note: When we posted this blog more than two years ago, coaching workflows were an important part of many of our customers’ cloud security strategy. This capability continues to be key today with customers using Netskope to enable their users to justify their actions. This leads to a reduction in the number of events that the security team has to triage.
#1 Be transparent and integrate coaching as an automated workflow
It is well documented that Steve Kerr has a great relationship with his players and there is a clear understanding around what his strategy is, why he is doing it, and how each player is impacted.
The same principle can be applied to coaching users about using the cloud. Implement an automated workflow that presents users with a custom message that notifies users, educates them, and simply gives them a head’s up about what the policy is. Putting an NBA player in an uncomfortable position on the court is typically not a good strategy for success and neither is leaving a cloud user in the dark as to why they are being blocked.
#2 Identify risky activities across all cloud apps and coach users to do the right thing
NBA players do risky things and it is a coaches job to mitigate that risk. For coach Kerr, this might involve sitting a player down to let them cool off after they are involved in a bad situation on the court or telling a player to play smart defense so they don’t pick up their 6th foul. In either case, you need to coach users based on the situation and activity.
The same is true for users of cloud apps. You need to understand what the users are doing whether it is uploading sensitive data to an unsanctioned cloud app or sharing content outside of the company, stop them from doing it and coach them on policy. Simply blocking the unsanctioned app is not enough and in many cases taking out your star player with 5 fouls might not be your best strategy either.
#3 Coach users away from risky cloud apps and towards sanctioned ones instead
Changing habits of NBA players can be a real challenge. For coach Kerr, he has done an exceptional job in helping players adapt to their evolving role on the team. David Lee and Andre Iguodala had to take on minimized roles this year, but Coach Kerr worked with them and helped them understand how their role may have changed but it is just as critical as before.
Coaching cloud security users requires a similar technique. When users are used to using certain cloud apps and those apps are not only unsanctioned, but deemed as potentially risky, coach the user and let them know that there are alternative sanctioned apps with similar functionality. Again, do this using an automated workflow.
#4 Don’t be blind; make sure your coaching reaches users that are mobile and remote
The Warriors have been fortunate to have the team in tact for most of the season. There are occasions however when some players get injured or take a day off for personal reasons and they are not able to be with the team during a practice session or even a game. Coach Kerr does a good job keeping these players in the loop even when they are remote and updates them with game plans, suggests film sessions, and keeps in contact.
Mobile and remote users continue to be a growing populous when it comes to consumers of cloud apps. In many cases IT is blind to these users, not knowing what apps they are using or what activities they are performing. User coaching needs to extend to mobile and remote users. Your cloud security strategy is only as strong as its weakest link.
#5 Don’t be generic; fine-tune your coaching message based on the situation
There are a ton of unique situations that take place in 48 minutes of NBA play and the game plan often evolves not only game to game, but within a game. Steve Kerr would not be successful if he stuck with the same coaching plan, regardless of the situation. During game 4 vs. Memphis, he decided to not guard Tony Allen and instead focus the defense on the big guys in the middle. He tailored the plan to the situation and it paid huge dividends.
Coaching cloud users is similar as you don’t want to use the same coaching for all situations. Instead, tailor a special coaching workflow and message that is tied to the actual activity. If data is being quarantined, tell the user and let them know why and what their recourse is. Take this a step further and build justification into the workflow, enabling users to justify their actions and proceed based on a specific activity sequence.
Steve Kerr may not be a security practitioner, but he is one heck of a coach. #dubnation
Learn more about coaching users to safely use the cloud at https://www.netskope.com/platform/
