Welcome!

Security Authors: Trevor Parsons, Pat Romanski, Vormetric Blog, Rene Paap, Liz McMillan

Related Topics: AJAX & REA, Cloud Expo, Security, SDN Journal

AJAX & REA: Blog Feed Post

How to Make a Business Case for Secure EFSS By @TLOTL | @CloudExpo [#Cloud]

When properly implemented and managed, secure enterprise file sync-and-share (EFSS) applications can improve project management

When properly implemented and managed, secure enterprise file sync-and-share (EFSS) applications can improve project management and empower your workforce. Unfortunately, making the business case for secure EFSS isn’t always easy – especially when users and management aren’t aware of the risks existing applications pose.

Monkey

Don’t get discouraged, though! The arguments in favor of change are strong. If you’re pushing your organization to eliminate public cloud use from the workplace, the following blueprint can help you set up a convincing business case.

1. Recruit advocates
Numbers make a difference. The more advocates you can win over, the more likely management (or even the C-Suite) will consider your case.

Start with IT. Few of your colleagues will understand the problems, security-related and otherwise, related to users sharing files in the public cloud better than IT. Your IT department may already be dealing with file movement issues without support from management. If so, their receptiveness to your message is all but guaranteed.

But what if you are IT? Taking your case to senior-level employees – the people management knows and trusts – is a viable first step. The closer you can get to a decision maker’s inner circle, the better.

2. Draft a comprehensive plan
To present management with a convincing business case, you need to present them with a well-prepared plan. Just rattling off a few reasons why Dropbox is jeopardizing information security is unlikely to cut it. You need to address business objectives, and those usually involve money.

The plan you create should cover all of the following:

  • The challenge your organization faces: End users, seeing the real efficiency-enabling benefits of cloud sharing applications, are engaging in EFSS activities that place sensitive data in the public cloud. When data resides on these unauthorized servers, IT can’t track it. It may also be vulnerable to theft and could lead to a failed compliance audit.
  • Issues exacerbating the challenge: From the lack of clear data management policies to the absence of adequate EFSS software, a variety of things are probably contributing to the problem. Don’t discount the fact that applications using the public cloud may very well be helping users get their work done. The UI may just be simpler and more practical than what your organization offers.
  • Costs of the challenge: Audit failure, loss of intellectual property, theft of customer data… the potential costs of compromised data security can be extremely high and harm the organization in significant ways. Cite real-life examples of people and organizations who have suffered the consequences of keeping sensitive data in the public cloud.
  • The solution: There might be multiple paths forward, depending on the extent of the problem and the forces exacerbating it. Firmer policies on EFSS activity may need to be established and mobile devices secured. If the organization lacks an EFSS solution with adequate security features, consider Novell Filr. With Filr, users get a Dropbox-like interface and collaboration tools; the difference is that the files they sync-and-share reside on servers you control.
  • Ways to measure success: Assuming you can sway management to your side, they’ll want to know how to measure progress. From IT control over file activity to user adoption rates, there are various ways to determine whether your push for more secure EFSS was successful. With tools like Novell File Reporter, IT can get a birds-eye-view of file storage activity, so they’ll know for certain whether users are keeping files where they’re supposed to or moving them to an unauthorized location.

3. Establish an indisputable business justification
This isn’t so much an additional step as a point you need to emphasize in your plan. The costs of letting employees share data in the public cloud are simply too high for management to look the other way, and you’ll need to provide evidence that this is the case.

An example from your very own workplace can go a long way. Have you had to caution a colleague about sharing sensitive data with Dropbox? Has someone ever lost track of a file in the public cloud with IT completely unable to track it? While you probably don’t want to name names and rat out a well-intentioned colleague who made an honest mistake, anecdotes like these can help management understand the consequences of letting insecure EFSS activities continue.

If you can’t provide a story from your own workplace, you can always relate stories from someone else’s. The examples are numerous.

Be sure your justification emphasizes projected ROI from a new solution or new file management plan. Pitting the long-term costs of a data theft scenario against the mostly short-term costs of a new EFSS solution can be a good way to affirm the investment potential of rethinking the status quo. With Filr, your organization can probably get by without any investments in new hardware at all!

4. Deliver the package to management.
With your coterie of security-advocating colleagues, a comprehensive plan, and an indisputable business justification that emphasizes ROI, it’s time to present your case to decision makers.

Assuming your plan covers all of the items discussed in Step Two, it should be difficult for management to reject it. With the rampant use of insecure file transfer activities in the enterprise workplace, the justification for secure EFSS solutions is stronger than ever.

Management might not be merely supportive – it might even be enthusiastic.

How to Make a Business Case for Secure EFSS is a post from: Data In Motion

Share and Enjoy

The post How to Make a Business Case for Secure EFSS appeared first on Data In Motion.

Read the original blog entry...

More Stories By Tom Scearce

Tom Scearce is product marketing manager at Attachmate and Novell for the enterprise file management market. He has 19 years of marketing, sales, product management and consulting experience in a variety of industries including software, professional services, telecommunications, media, medical devices and health/fitness services. Tom holds a Masters in Business Administration from the Foster School of Business at the University of Washington.

@ThingsExpo Stories
Today’s enterprise is being driven by disruptive competitive and human capital requirements to provide enterprise application access through not only desktops, but also mobile devices. To retrofit existing programs across all these devices using traditional programming methods is very costly and time consuming – often prohibitively so. In his session at @ThingsExpo, Jesse Shiah, CEO, President, and Co-Founder of AgilePoint Inc., discussed how you can create applications that run on all mobile devices as well as laptops and desktops using a visual drag-and-drop application – and eForms-buildi...
Things are being built upon cloud foundations to transform organizations. This CEO Power Panel at 15th Cloud Expo, moderated by Roger Strukhoff, Cloud Expo and @ThingsExpo conference chair, addressed the big issues involving these technologies and, more important, the results they will achieve. Rodney Rogers, chairman and CEO of Virtustream; Brendan O'Brien, co-founder of Aria Systems, Bart Copeland, president and CEO of ActiveState Software; Jim Cowie, chief scientist at Dyn; Dave Wagstaff, VP and chief architect at BSQUARE Corporation; Seth Proctor, CTO of NuoDB, Inc.; and Andris Gailitis, C...
SYS-CON Events announced today that CodeFutures, a leading supplier of database performance tools, has been named a “Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. CodeFutures is an independent software vendor focused on providing tools that deliver database performance tools that increase productivity during database development and increase database performance and scalability during production.
SYS-CON Events announced today that ActiveState, the leading independent Cloud Foundry and Docker-based PaaS provider, has been named “Silver Sponsor” of SYS-CON's DevOps Summit New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. ActiveState believes that enterprises gain a competitive advantage when they are able to quickly create, deploy and efficiently manage software solutions that immediately create business value, but they face many challenges that prevent them from doing so. The Company is uniquely positioned to help address these challenges thro...
IoT is still a vague buzzword for many people. In his session at @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, discussed the business value of IoT that goes far beyond the general public's perception that IoT is all about wearables and home consumer services. He also discussed how IoT is perceived by investors and how venture capitalist access this space. Other topics discussed were barriers to success, what is new, what is old, and what the future may hold. Mike Kavis is Vice President & Principal Cloud Architect at Cloud Technology Pa...
Dale Kim is the Director of Industry Solutions at MapR. His background includes a variety of technical and management roles at information technology companies. While his experience includes work with relational databases, much of his career pertains to non-relational data in the areas of search, content management, and NoSQL, and includes senior roles in technical marketing, sales engineering, and support engineering. Dale holds an MBA from Santa Clara University, and a BA in Computer Science from the University of California, Berkeley.
SYS-CON Media announced that Cisco, a worldwide leader in IT that helps companies seize the opportunities of tomorrow, has launched a new ad campaign in Cloud Computing Journal. The ad campaign, a webcast titled 'Is Your Data Center Ready for the Application Economy?', focuses on the latest data center networking technologies, including SDN or ACI, and how customers are using SDN and ACI in their organizations to achieve business agility. The Cisco webcast is available on-demand.
The Internet of Things (IoT) promises to evolve the way the world does business; however, understanding how to apply it to your company can be a mystery. Most people struggle with understanding the potential business uses or tend to get caught up in the technology, resulting in solutions that fail to meet even minimum business goals. In his session at @ThingsExpo, Jesse Shiah, CEO / President / Co-Founder of AgilePoint Inc., showed what is needed to leverage the IoT to transform your business. He discussed opportunities and challenges ahead for the IoT from a market and technical point of vie...
SYS-CON Media announced that Splunk, a provider of the leading software platform for real-time Operational Intelligence, has launched an ad campaign on Big Data Journal. Splunk software and cloud services enable organizations to search, monitor, analyze and visualize machine-generated big data coming from websites, applications, servers, networks, sensors and mobile devices. The ads focus on delivering ROI - how improved uptime delivered $6M in annual ROI, improving customer operations by mining large volumes of unstructured data, and how data tracking delivers uptime when it matters most.
"People are a lot more knowledgeable about APIs now. There are two types of people who work with APIs - IT people who want to use APIs for something internal and the product managers who want to do something outside APIs for people to connect to them," explained Roberto Medrano, Executive Vice President at SOA Software, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Performance is the intersection of power, agility, control, and choice. If you value performance, and more specifically consistent performance, you need to look beyond simple virtualized compute. Many factors need to be considered to create a truly performant environment. In his General Session at 15th Cloud Expo, Harold Hannon, Sr. Software Architect at SoftLayer, discussed how to take advantage of a multitude of compute options and platform features to make cloud the cornerstone of your online presence.
The Industrial Internet revolution is now underway, enabled by connected machines and billions of devices that communicate and collaborate. The massive amounts of Big Data requiring real-time analysis is flooding legacy IT systems and giving way to cloud environments that can handle the unpredictable workloads. Yet many barriers remain until we can fully realize the opportunities and benefits from the convergence of machines and devices with Big Data and the cloud, including interoperability, data security and privacy.
In this Women in Technology Power Panel at 15th Cloud Expo, moderated by Anne Plese, Senior Consultant, Cloud Product Marketing at Verizon Enterprise, Esmeralda Swartz, CMO at MetraTech; Evelyn de Souza, Data Privacy and Compliance Strategy Leader at Cisco Systems; Seema Jethani, Director of Product Management at Basho Technologies; Victoria Livschitz, CEO of Qubell Inc.; Anne Hungate, Senior Director of Software Quality at DIRECTV, discussed what path they took to find their spot within the technology industry and how do they see opportunities for other women in their area of expertise.
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
Advanced Persistent Threats (APTs) are increasing at an unprecedented rate. The threat landscape of today is drastically different than just a few years ago. Attacks are much more organized and sophisticated. They are harder to detect and even harder to anticipate. In the foreseeable future it's going to get a whole lot harder. Everything you know today will change. Keeping up with this changing landscape is already a daunting task. Your organization needs to use the latest tools, methods and expertise to guard against those threats. But will that be enough? In the foreseeable future attacks w...
As enterprises move to all-IP networks and cloud-based applications, communications service providers (CSPs) – facing increased competition from over-the-top providers delivering content via the Internet and independently of CSPs – must be able to offer seamless cloud-based communication and collaboration solutions that can scale for small, midsize, and large enterprises, as well as public sector organizations, in order to keep and grow market share. The latest version of Oracle Communications Unified Communications Suite gives CSPs the capability to do just that. In addition, its integration ...
“The age of the Internet of Things is upon us,” stated Thomas Svensson, senior vice-president and general manager EMEA, ThingWorx, “and working with forward-thinking companies, such as Elisa, enables us to deploy our leading technology so that customers can profit from complete, end-to-end solutions.” ThingWorx, a PTC® (Nasdaq: PTC) business and Internet of Things (IoT) platform provider, announced on Monday that Elisa, Finnish provider of mobile and fixed broadband subscriptions, will deploy ThingWorx® platform technology to enable a new Elisa IoT service in Finland and Estonia.
From telemedicine to smart cars, digital homes and industrial monitoring, the explosive growth of IoT has created exciting new business opportunities for real time calls and messaging. In his session at @ThingsExpo, Ivelin Ivanov, CEO and Co-Founder of Telestax, shared some of the new revenue sources that IoT created for Restcomm – the open source telephony platform from Telestax. Ivelin Ivanov is a technology entrepreneur who founded Mobicents, an Open Source VoIP Platform, to help create, deploy, and manage applications integrating voice, video and data. He is the co-founder of TeleStax, a...
We certainly live in interesting technological times. And no more interesting than the current competing IoT standards for connectivity. Various standards bodies, approaches, and ecosystems are vying for mindshare and positioning for a competitive edge. It is clear that when the dust settles, we will have new protocols, evolved protocols, that will change the way we interact with devices and infrastructure. We will also have evolved web protocols, like HTTP/2, that will be changing the very core of our infrastructures. At the same time, we have old approaches made new again like micro-services...
The Internet of Things is a misnomer. That implies that everything is on the Internet, and that simply should not be - especially for things that are blurring the line between medical devices that stimulate like a pacemaker and quantified self-sensors like a pedometer or pulse tracker. The mesh of things that we manage must be segmented into zones of trust for sensing data, transmitting data, receiving command and control administrative changes, and peer-to-peer mesh messaging. In his session at @ThingsExpo, Ryan Bagnulo, Solution Architect / Software Engineer at SOA Software, focused on desi...