The Role of IT in the Era of Cloud Data Protection

There’s no question about it: cloud computing and workforce mobility have forced a dramatic change in the enterprise IT infrastructure. Gone are the days of the network perimeter keeping all data inside. Organizations looking to stay responsive and competitive must adopt the cloud, and cloud computing means enterprise data traveling far beyond the on-premises data center and, seemingly, far outside traditional IT control. Data protection now demands cloud protection. So what is IT’s role in this brave new world? Among more technologically conservative organizations and those facing particularly strict regulatory compliance requirements, such as those found in financial services and health care, the temptation is to cast IT’s role in cloud data protection as that of a restrictive agent. At first glance, it may make sense. Adopting the cloud means giving up some control of your data, and enterprises with a lot to lose often see that as unacceptable. But you can’t wish the cloud away. Building out a corporate infrastructure comparable to what many top cloud service providers can offer would be extremely expensive, since cloud providers can pass down savings generated by their economies of scale. And workers without anytime, anywhere, any device cloud access are less mobile and less productive than cloud-connected employees. See “Integrating Clouds into the IT Infrastructure” “FIRMS THAT SUCCESSFULLY INTEGRATE CLOUDS AND EXISTING IT INFRASTRUCTURE CAN ACHIEVE AGILITY, FLEXIBILITY AND TRANSFORMATION THAT WAS UNIMAGINABLE A FEW YEARS AGO.” In any case, choosing cloud prevention over cloud protection most likely won’t even stop employees from using the cloud. It will simply drive workers—and, in some cases, entire lines of business—to adopt cloud services on their own initiative, without the knowledge or participation of the IT department. This practice is so widespread that it now has a name. It’s called shadow IT, and as Arthur Cole recently wrote for Enterprise Networking Planet, “you can’t stop shadow IT from invading the enterprise.” So what can IT do? The modern IT department must focus on enablement. The cloud isn’t going away. Employees want it, and businesses need it to compete. IT administrators must work to develop cloud data protection strategies that will enable the business to adopt the cloud without losing control of their data or falling out of compliance. “WE’RE NOT LOOKING TO JUSTIFY WHAT WE PUT IN THE CLOUD. WE’RE ATTEMPTING TO JUSTIFY WHAT WE’RE NOT PUTTING IN THE CLOUD. … WE ARE A MORE STRATEGIC IT DEPARTMENT AND A BETTER COMPANY AS A RESULT OF CLOUD COMPUTING.”
– CIO, ENERGYPLUS Luckily, a solution to the conundrum does exist. Cloud data protection that offers granular control over the encryption or tokenization of each type of data field, and that integrates with DLP solutions and cloud services and applications to identify and protect that data throughout its time outside the corporate perimeter, enables users to conduct business and take full advantage of cloud computing without incurring unnecessary risks. In addition, cloud protection platforms that give customers exclusive access to their encryption keys provide an extra layer of control. With effective cloud protection, IT doesn’t have to choose between security and agility. Instead, IT can focus on becoming an enabler of better business operations and outcomes—a win for all involved. NEXT STEPS To find out more about why you need Cloud information protection, check out the following helpful resources: Why Cloud Information Protection? Taking Control of Your Enterprise Cloud Data – download this free eBook to learn about why you need cloud information protection: To retain control of your data; to prevent data theft or leaks; to simplify the complexities of strict regulatory environments, and more… Seven Steps to Protecting Your Cloud Information – This guide will walk you through the 7 steps and keyactions toward a unified cloud information protection program to give your enterprise complete control over data integrity, protection and encryption. How has your IT department’s role changed since your organization adopted the cloud? Tell us your experiences in the comments.

*** This is a Security Bloggers Network syndicated blog from CipherCloud CASB+ Platform | Enterprise Cloud Security authored by CipherCloud. Read the original post at: