Canopy, the Atos cloud brand...
I'm going to get you in my tent, tent tent, tent, tent...
No you're not.
Your users are probably using cloud-based services that you’re not even aware of to organise their files and collaborate with each other. What are you going to do about it? “Shadow” IT — cloud services bought from third-party providers without authorisation by the IT department — is becoming a significant problem for many …
Please change that terrible image, I can't tell if it's supposed to be a very short techno kilt, or a very digital Spartan garment.....
Ahhhhh, my eyes, my eyes, I can't undo that nasty image. Electronics in the testicular region are never a good thing...
( The Author must be some kind if closet Goatse fan)
Hmmmm, I'm reminded of this, overheard from a colleague, in a previous job:
"Can you help? It's really urgent, we've lost all our files. Looks like someones deleted them"
"Ok, what's the site called, can you send it through to me and I'll check permissions"
<stuff come through>
"Err, this is a Dropbox account? We don't have a corporate dropbox account"
"Really? Well so-and-so who's just left said he uses it and he let us use his. Now he's left, it's all disappeared"
"F&*( )*)" (:~@}@~!""
"I hope you had a backup..."
Turns out the user who left let them use his personal dropbox and when he left, he deleted the stuff the company used and binned the permissions. Geniuses all round. Oh, and they had a little bit of the stuff backed up that some slightly more clued up user stashed on the company collaboration portal as a "Just in case" scenario.
This is happening at our org right now, we have a load of slow moving creaking legacy systems so Cloud is seen to solve many woes.
Two main challenges: New cloud products; Marketing automation and webinars are in the sights now...we have a new Digital and Marketing Director. Whilst these systems are designed to be onboarded (excuse the marketing parlence) quite quickly I face the challenge of getting each new great thing happily talking with our CRM platform whilst maintaining lots of legacy stuff.
Lastly we also have folks with company iPads using dropbox, Evernote, Drive and iCloud etc.. in a most unregulated fashion.
Anyone else going through such things/pain?
So cloud provider Canopy told The Register that cloud is really important, being increasingly used and that using cloud is an absolute must. This is hardly surprising is it.
Regarding cloud blocking and possible ways to circumvent the blocks, this is dealt with in the Company's acceptable use IT policy, which all employees sign up to and may form part of their employment contract. You may not be able to secure all channels, but then you can't stop your employees stealing office furniture either, if this is what they are determined to do.
Employees should be very careful about defeating the employer's security measures. In the UK it is difficult to dismiss someone from employment. If an employer wants to give you the chop, then evidence you defeated some security measures could be just the excuse they need. And it will all be in the logs, an open and shut case.
.... with web CMS applications. They're a pain in the ass to use. Slow, unpractical, and disconnected from the file system which is what most applications understand.
Cleverly, tools like Dropbox understood you need to integrate the repositories with the OS, and sync. VCS systems - which don't work with source code only, are much faster and useful (especially since they can move only changes when 'syncing'), but the average user stubbornly refuse to use them, and prefer to have hundreds of copies of the same file scattered around local folders, shares, mails and web servers, each with something in the name to tell which version is, just with at least ten different standards - if ever someone remembers to rename the file properly.
The solution has been existing for years, but everybody prefers clumsy new ones.
I'm calling BS on the claim that a typical firm uses *923* different cloud services. Are they misusing the term "cloud service" to mean literally any web site, or what?
This doesn't really negate the fact that unauthorized use of services like Dropbox a) Could be a security risk b) Is a problem if it's being used in lieu of backups. c) Could be a cash drain if the corporate budget is being used for it.
To me, the solution is:
a) Find out what services people are using or want to use.
b) If it's important to the business, implement it. Either set up the service served from your own data center, or main office, or whatever... or buy a corporate version of the service so it's still going wherever, but you have some visibility into what's actually going on there, and some control over what happens to the files. Note that a way WAY clunkier equivalent is not at all equivalent -- the example from the article shows this, a clunky and slow web-based CMS is not equivalent to, say, Dropbox, which has a web version, an app, and makes sure everything operates nice and smoothly.
c) If it's just a sync'ed calendar or something, the risk of letting people use an "unauthorized" one may be pretty low, so you may just want to let them go ahead and use it.
edit: Regarding implementation -- if making this new service integrate with existing services at your business is going to delay the new service indefinitely.... maybe you just have to drop that requirement. After all, the choice here is not "service you provide" or "nothing", it's "service you provide", "unauthorized 3rd party service", or "nothing". I think it's better to have, say a "dumb file store" you operate than have people just use a 3rd party one... after all, the users using the unauthorized 3rd party one are clearly already getting by without that tight integration.
Unless your accounting group is using a similar service, they can simply not approve any payments on your corporate cards, and reject any reimbursements for payments made for these services on personal cards. If you do that, you'll never be more than 45 days into its existence when you find out about it.
"We block any access to Dropbox"
Although I agree blocking certain things can be a good idea and at least stops the clueless masses it's also a bit of a losing proposition. It's too easy for the slightly more savvy (and often more dangerous, cause they think they are smart) user to circumvent. Just install a vpn client, connect to your favourite vpn provider (or setup your own on a vps) and Bob's your uncle, or use your smartphone as a wireless hotspot, proxies etc.
What's better is the stick, create sensible rules and punish those who do not comply.
Biting the hand that feeds IT © 1998–2019