Securing sensitive data cannot sacrifice the simplicity of sharing it, otherwise users will circumvent the security. Users expect easy online access to the sensitive information they need to get work done. For them, the cloud is a panacea and a privilege. For CISOs, the cloud is a double-edged sword. Every minute and penny saved on the cloud comes at the price of increased risk. However, if you make the mistake of providing a complex channel for sharing information securely, users will seek out simple, insecure alternatives to accomplish their goals—building their own shadow IT out of easily accessible, consumer cloud applications.
CISOs must enable secure file sharing that balances the protection of sensitive content with the overwhelming need to share it, easing access while preventing breaches, ensuring privacy alongside transparency, and adhering to complex regulations without getting in the way of efficient communication. Each trade-off entails risks. This blog series explores these trade-offs and offers six guiding principles for creating a secure content sharing channel that enables work across the extended enterprise and protects your most sensitive digital assets.
In my last blog post, I discussed the challenge organizations have in providing easy access to sensitive content, but also ensuring that content is shared with complete confidentiality. Today, I’ll explore how organizations can eliminate shadow IT with a secure communication channel that shares sensitive content efficiently.
Simplicity Is Just As Important As Security
Every frustrated employee who takes IT into his or her own hands to get work done increases the risk of a breach, leaving the CISO responsible. Alternatively, blocking common consumer cloud services runs the risk of alienating everyone with complex communication processes. You must provide a secure communication channel for sharing sensitive content that is also incredibly simple and easy to use. Simplicity is just as important as security.
Confidentiality means ensuring only authorized users can access, modify, and share specific content in specific ways. It must be enforced at the user-application-content level, because that is where this information resides. [source: Accellion secure file sharing and governance platform]
Enterprise Application Plugins Ensure Security and Simplicity
Users share content from a wide array of applications: email, Web browsers, office apps, mobile apps, and enterprise apps. Your secure content sharing channel must extend to every one of these endpoints. This can be achieved with plugins for each application that route content sharing through your secure channel. Enterprise application and Microsoft Office plugins make sending, receiving, saving and retrieving sensitive content as easy as clicking a button inside each target application. Once you have made it simple to share sensitive content securely, then you can shut down the alternatives with confidence. Restrict sharing to authorized applications by controlling software installation and deploy a cloud access security broker (CASB) to block unauthorized cloud services.
In my next post, I’ll discuss how CISOs can protect their organizations from a breach once they control every file saved and retrieved from every enterprise content repository. With enterprise content integration, organizations create a secure inner perimeter around their most valuable digital assets that complement a secure external perimeter.
Don’t want to wait? Download the eBook now!
The Risky Business of Online Collaboration
*** This is a Security Bloggers Network syndicated blog from Cyber Security on Security Boulevard – Accellion authored by Cliff White. Read the original post at: https://www.accellion.com/blog/eliminate-shadow-it-with-secure-content-access-that-doesnt-slow-workflows/