Posted on November 18th, 2011 in Cloud Governance, Storage Made Easy | 3 Comments »
The proliferation of Cloud Storage and Cloud SaaS Services is both a blessing and a curse for businesses. In the past IT was able to control and lock down which applications and services could be used, but today services such as Box.net, and DropBox, and a host of others gives IT at best a headache and at worst a challenge that is a constantly moving target.
End users are also driving for use of such tools as they strive to increase personal productivity which the various SaaS services provide, and which IT would like to ban or lock down so they become the antithesis of what they were intended to be.
Even tools that are authorised by IT are not necessarily immune to this problem. What happened to that file link a user shared from SharePoint? Who opened it? Was it supposed to be shared?
Recent research commissioned by Opsview reveals 67 percent of UK IT decision-makers worry about how easy it is for their staffs to sign up and install cloud services. The survey also found that 76 per cent of IT directors admitted employees are likely to flout IT policies in order to make use of cloud services. This research was backed up by separate research conducted by Global Technology Provider Avanade in which it revealed the emergence of Cloud sprawl had 67% of 600 executives interviewed in the UK were worried that the rapid adoption of publicly-available cloud services was putting their company at risk.
What is required is some form of Cloud Governance to give back control to IT whilst still enabling users to use tooling that makes them productive.
This is just one of the many things we’ve built into our cross Cloud File Server, the ability to govern and control Cloud Sprawl:
The ability for IT to take back control means that they can more effectively control data compliance issue challenges presented by Cloud Services, as well as those more broadly presented by e-compliance. Widespread use of digital communication technology has led to companies facing a new types of challenge with regards to the management of privacy, consumer protection, Intellectual Property, and content governance.
Compliance issues are of course not the only issue companies face when it comes to distribution of digital informtion across Cloud Services. Information visibility is required across all these services when, for example, doing something as simple as a document search.
The SMEStorage Cloud File Server can be used as either a SaaS service or an onsite Cloud Appliance to address these issues. Firstly any Clouds or SaaS services added to the File Server have information indexed and recorded, and made available from a single unified explorer view. As users create anew content and upload it to any of the Cloud and SaaS services that have been added to the Cloud File Server, each service’s API is used to securely capture, store and index the files. Note that no content needs to be copied. All this is stored and accessed from the original repository.
File event logging can be set at a micro or macro level to record any file event from any user with related IP addresses and GEO Location information. This information provided an audit trail that can be filtered and stored:
Also The Cloud File Server Admin can control which ‘private’ individual user clouds can be used or added within the Organisation. For example the Admin may decide to enable each user to add a Google Apps Docs Account and restrict all others, or may also enable users to add personal DropBox accounts also. Any personal user Clouds that are added in this way can also be indexed, audited and file events recorded:
In addition to this any file uploaded has the GEO location recorded as to where it was uploaded from and where it was uploaded to, again for audit and compliance purposes. The integration of geolocation technology can also helps organizations restrict access to files or SaaS applications appropriately dependant on any data privacy or e-compliance law that differs or is required to be supported on a cross border basis.
The ability to index and record information from different Cloud Stores as described above also results in a powerful cross-cloud search capability, in which searches for content are made against all the Clouds that have been added, with results returned instantly.
In summary, unmanaged usage by company staff can not only lead to security issues for IT, such as incomplete or lost data, but can also lead to potential breaches of corporate governance and regional data legislation rules. In addition it prevents companies from fully leveraging the cost savings that are associated with cloud computing, and ultimately can undermine such infrastructure adoption by IT departments.
The SMEStorage Cloud File Server provides features that enable IT to:
- Capture and Index SaaS and File Cloud Services
- Provide event auditing with downloadable audit trail across all services added
- Provide GEO restriction monitoring and filtering
- Search across Clouds and Services for e-discovery needs and to promote information visibility and access
- Use CloudSafe to backup content repositories to another Cloud for retention or backup purposes