I wonder how many of these cloud accounts are set up by end users to bypass IT who want to make a big inconvenient fuss about how they do things. Or maybe even use then to do away with an IT department altogether. Is it surprising they end up like this?
High-jacking the Box: Enterprise storage tool's customers leave secrets on web like sitting ducks – including Box itself
Various Box Enterprise customers have inadvertently shared, and probably still are sharing, sensitive corporate data on the public internet. And that included Box itself. Vulnerability-hunting biz Adversis sounded the alarm this week on the information leaks, after finding it was easy to guess app.box.com URLs to organizations …
Tuesday 12th March 2019 19:52 GMT Anonymous Coward
Been there. The commoditisation of IT makes departmental managers feel they can do things themselves without input from experts in the field. This can be effective in the short term, but usually leads to pain in the medium to long-term. The spam/phishing people move with the times. Where I've seen this happen, the IT (or IS - Information Services as it was) Had informed technical management, but not necessarily the internal experience in, say, incident response. And this is the moment competent experts in the field--or indeed, simply a well-informed IT manager, can make the difference.
More often than you might expect, things come full-circle.
So the 2nd lesson is don't give up. A client you may think hates you, may come back when they (eventually, especially when things stop working) understand the value you had brought. Not a panacea, but understanding what's really going on in management with major clients will help with careful, informed planning, epecially if you are a self-employed business.
Hope this added to the conversation. Cheers...and IT veteran.
Just my thoughts.
Tuesday 12th March 2019 15:40 GMT Androgynous Cow Herd
Collaboration vs. security
Box has done an amazing job in creating a collaboration sharing platform, and an even more amazing job of establishing themselves as an enterprise play. I can think of *many* very large SV companies that use the platform...over the horrified screams of the Infosec teams.
Infosec people are paid to be paranoid...but being paranoid doesn't make you wrong...
This post has been deleted by its author
Tuesday 12th March 2019 15:54 GMT Anonymous Coward
Scotland Yard with 50,000 instances for storing CCTV evidence etc,
Symantec who have a nice video about their use of box
FICO that advises Banks on risk and fraud,
FDA (inside dealers would love this)
Other customers on