5 signs that you've lost control over your cloud apps
Network World - CIOs are waking up to the reality that they've lost control over access to data stored in software-as-a-service applications purchased by other departments.
"By the time an organization buys its sixth or eighth SaaS application, it's in trouble," says Jackie Gilbert, vice president and cofounder of SailPoint, which sells software for bringing these applications back into compliance with company policy. "We're poised to see more auditor attention and more security directed at this problem."
Gilbert says that IT departments are discovering that they can't manage or control access to popular cloud applications such as Salesforce, GoogleApps, Concur, ADP, Workday, Taleo or Box if provisioning and de-provisioning is handled by the department that purchased the application.
"Because it's being done outside of IT, the kind of discipline and access control best practices do not normally get done," Gilbert says. "The more SaaS applications that an organization starts to adopt, the more they start to see security weaknesses crop up."
Here are a few of the most common signs that your identity and access management (IAM) solution isn't working when it comes to your growing portfolio of cloud applications:
1. End users start sticking Post-It notes all over their computers listing user names and passwords for cloud-based applications. One solution to this problem: a single sign-on system that supports your portfolio of hosted applications as well as your directory system.
2. Employees leave the company, but their access to cloud-based applications isn't removed, resulting in a proliferation of so-called "orphan accounts.'' To solve this problem, you need to have an automated de-provisioning system that eliminates access to cloud applications at the same time as traditional software applications.
3. Managers are no longer approving data access for new employees. Most large organizations have access control systems that automatically generate e-mail to managers for them to approve user privileges, but these access control systems don't always include hosted applications.
4. Nobody is monitoring cloud-based applications to make sure access is current. As employees' roles in the company change, their access to information should change, too. A classic problem is entitlement sprawl, where people keep getting access to new information when they are transferred or promoted but nothing gets taken away. IAM solutions can identify employees with excessive access.
5. You're losing accounts to the new employer of a salesperson who left your company. Lighthouse Security Group said one of its customers noticed that it was losing accounts to a key salesperson who had been fired. This salesperson was never removed from Salesforce and was using proprietary data stored there to harvest the company's clients.
- Edison Group - Economic Advantages of SmartCloud Entry for Power Systems This white paper provides an assessment of the business value of implementing IBM SmartCloud Entry for Power Systems versus comparable private cloud solutions...
- Clipper: Moving to a Private Cloud? Infrastructure Really Matters! This Clipper Group paper outlines the importance of the underlying IT infrastructure for private cloud environments and lays the groundwork for clients navigating...
- Transform Your Data Center from Basic to Strategic by Increasing Operational Efficiency and Optimizing Intelligence Find out how data center and facilities management are able to use DCIM solutions and a pioneering "zone" approach to bridge the information...
- Pre-Configured Physical Infrastructures Save Time, Aid Validation When Building or Expanding the Data Center To optimize data center deployments many companies are turning to Pre-Configured Physical Infrastructures that arrive on-site ready to be deployed, reducing the time...
- Zoning in on Energy and Physical Infrastructure Management In this Webcast you will learn how to develop and execute a strategy to optimize the energy efficiency of your data center.
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control. All Infrastructure Management White Papers | Webcasts