Here at Markley, we take great pride in understanding our customers needs and staying on top of (and providing solutions for) the ever-evolving challenges that enterprise IT, data and cloud managers face on a daily basis.
One such challenge that is similar to and has, in part, risen out of the “bring your own device” (BYOD) trend is the vast array of cloud applications that enterprise employees use while on company devices and networks. A recent Wall Street Journal article by Tom Loftus, which focuses on a report released by Netskope, a cloud app analytics company, reveals that enterprise employees run an average of 397 cloud applications. We like to call this phenomenon “bring your own cloud,” or BYOC.
While that number is higher than most would estimate, the alarming part is that IT professionals, on average, estimate that the number of apps operating across their enterprises is only 40 to 50 – and as Loftus points out, means “IT professionals are aware only of the tip of the iceberg.”
The report, which recorded cloud app events on desktop and mobile across hundreds of thousands of users, also indicated that 77 percent of cloud apps were not ready for enterprise use, meaning they failed to meet Netscope’s index for security, audibility, and other factors.
So what’s a CIO to do? We agree with Loftus who says that simply blocking apps from employees is not a viable option. In all likelihood, employees are using these applications because they provide some sort of added productivity or business value to their workday, and blocking them means employees will be left to find other solutions, creating a never-ending, app blocking cycle for enterprises.
But just because you shouldn’t (and cannot viably) block applications as and when employees download them, doesn’t mean you can’t take control of your network and overall enterprise security.
First, enterprises should take a full inventory of all of apps that are being used across each department in the organization. This will ensure you combat the iceberg effect, highlighted by Toftus, and will have a complete view of where the greatest security vulnerabilities lie.
It’s inevitable that employees and guests will bring unsecure devices and apps to your network, so next, implement best practices that will provide secure access to anyone joining your network while supporting BYOD and other innovative initiatives. As Eric Bell from Cisco pointed out at our last Meet @ Markley networking event, these best practices should focus on predictability, visibility and control.
Finally, implement solutions that automate and simplify access control and security compliance, in addition to flexibility and scalability that will allow you to grow with increased traffic and devices, and ensure your network and apps stay healthy and robust.