"save time and money, according to Symantec"
Is exactly right.
"We would rather you spend much more money on our services instead" is what they didn't say. Reasuringly expensive is getting harder to sell.
(Pint of very expensive lager).
With one eye on Larry Ellison's Oracle in 2011 Salesforce chief Marc Benioff attacked “fake clouds” saying they aren’t the future. Oracle - late to clouds - threatened to challenge Benioff’s message of using public clouds that house your data next to other customers' data in a secure, multi-tenant model with the idea of …
Works for us. We block all means of transfering data that don't leave an accounting trail, except for USB keys. We can't disable those, as the IT office door is partly glass and would not withstand the onslaught of an angry mob.
Doesn't affect me though. I need no dropbox: I wrote my own quick-and-dirty filelocker software. It runs on a webserver VM I rent for other purposes. Just a little perl, but it gives me a web interface for submitting a file, and returns a link to where the file ends up. Minimal, but functional.
You just bypassed your own security policy?
If you can do it, whats to say another 'cunning-user' can't do it?
Blocking stuff doesnt help anyone. Doesnt help the business, doesnt help the users, doesnt help you either.
Better off actually providing a service that you control and trust, than playing whack-a-mole on whatever service you spot someone using that you dont like that month.
It helps when your business is a school. If you want to get five minutes of productivity out of the students in a day, the first thing you need to do is make sure all the game sites they know are blocked. The second is to get the teachers paying attention for the ones who bring in games on their USB stick.
We don't do that1!!
If you get caught using an unsanctioned off premises storage site, the penalty is execution immediate termination, with no severance benefits. Ever since that policy was instituted back in 2005, there was only one person who was 'made an example of' (the first luser who committed that sin). No one has dared since to face their execution.
1 That being `playing whack a mole`
"The most commonly cited reason for firing up a rogue cloud was to save time and money, according to Symantec."
So the solution is to make the in-house cloud easier and cheaper.
Oh, wait, I don't think I've ever seen an in-house solution with those characteristics, because they are designed to keep management happy rather than the workers who use it.
Then you do not know how to properly provision those servers.
In order to get gobs more $$$$ for your pet server projects, all manage manglement connections route through a "delay" line", introducing additional latency into manage manglement sessions.
Consequently, manage manglement bitches about the latency, and you offer the solution, at a price. It gets approved, you get new kit, and manage manglement gets slightly faster sessions. Now, your CIO must be IN on this or else you are up shit creek when it does hit the fan.
Of course, if you have a tech savvy CEO who "gets it", and doesn't starve IT in order to placate some loudmouth shareholders (working for a privately owned company does have its advantages); then the ruse you have to run is generally less deceptive; and you are more likely to get the kit you really need. Then, with that additional kit, you can set up your own in house "cloud", no longer any excuse for a 'rogue cloud'.
"The Mac and Linux are free of these parasites."
True they don't have the anti-virus crowd sending shivers down people's spines just to boost sales, but Dropbox has a history of security failures and yet it is still in a number of Linux distros.
I have just checked a few, it's in Mint, and Bodhi, but not as far as I can see in Mageia. These are just VMs I have on my box. If there are known problems with Dropbox what the hell are the distro developers doing putting something in there that could pose a real danger to a newbie or naive user?