In today’s rapidly changing IT world, business users in your organization are going to seek the agility and increased capabilities of the cloud whether or not your IT operation sanctions it. So your efforts to provide IT security in the cloud need to start with embracing that fact and working to build secure practices from there.
In EMC’s Global Security Organization, we found that the best way to secure the cloud is to actually become a part of it rather than trying to fight it. As a part of the solution, you can build better, secure offerings that will allow you to protect your data and get a better experience for the user.
For the past nine months, GSO has been identifying shadow IT applications (or business-managed IT) in the cloud using a security monitoring appliance, RSA NetWitness, in conjunction with increased security analytics. This gives us a comprehensive view of our network traffic, including shadow IT. And rather than blocking those shadow users from continuing their cloud-based operations, we work with them to provide IT-controlled solutions that will still serve their business needs in a secure way.