Five practical steps towards secure cloud storage

Enterprise cloud app use is still booming, with the latest Netskope Cloud Report finding that on average there are now 483 cloud apps in use within European organisations.

Cloud apps can be a cost-effective way to boost productivity, but workers’ increasing use of cloud apps, and unsanctioned apps in particular, can put data at risk.

When thinking about protecting enterprise data, cloud storage apps are an obvious place to start. Cloud storage is the second most popular cloud app category (behind marketing apps), but there’s no guarantee that these apps are secure. In fact, the Cloud Report found that 89.6 per cent of cloud apps were not “enterprise ready”, scoring a “medium” or below on the Netskope Cloud Confidence Index. When you consider all the data that employees are uploading to cloud storage apps, this is a sobering thought.

So how can businesses harness the simplicity and productivity of cloud apps, whilst keeping their data secure? Here are five practical steps for companies looking to safely enable cloud storage apps.

  • Safeguard sensitive data in corporate cloud storage

Plenty of organisations choose to harmonise on one cloud storage solution like Google Drive, Egnyte, Dropbox, Box or Microsoft OneDrive. These businesses should start by establishing what important data is housed in that app.

According to Netskope data, 17.9 per cent of all files in enterprise-sanctioned cloud apps violate at least one DLP policy. That means these files may contain health information, PII (personally identifiable information), source code or something of similar value or importance.

Of those DLP-violating files, Netskope data reveals that one in five are shared outside of the organisation.

  • Standardise on a single storage app (or at least cut down to just a few)

If your business isn’t using a single cloud storage solution such as those mentioned above, gather employee feedback and choose a solution to standardise on based on employees’ views and how well the tool meets organisational requirements.

It’s then important to coach employees on the selected app, to ensure 100 per cent uptake and ongoing use.

  • Monitor cloud storage app usage

You can’t control what you can’t see. As well as working out which apps are in use by employees, organisations should also monitor activity within these apps – uploads, downloads, shares, etc. – to develop a view of the risks posed.

Organisations should monitor data in transit to and from corporate apps, as well as keeping a watchful eye on activity in and around unsanctioned apps used by employees which were not provisioned by the IT department.

It’s also important to monitor for any risky or unusual activity, and this means building up a picture of what “normal” looks like as well – because unless you know that, it’s next to impossible to spot anomalous activity which falls outside of normal usage patterns.

Also watch out for app access from employees who have had credentials compromised in a data breach. Do you know whether the person accessing the cloud storage app is really your employee, or could it be a hacker using credentials stolen in a data breach of another system?
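
As an added illustration (not from the original article or any vendor's product), the sketch below builds a per-user picture of "normal" from past upload, download and share counts, flags activity well outside it, and lists DLP-violating files shared outside the organisation. The event fields, sample data and thresholds are constructed assumptions, not a real log schema.

```python
from collections import Counter
from statistics import mean, pstdev

def ev(day, user, action, n=1, file="doc.txt", dlp=False, external=False):
    """Build n constructed activity events (hypothetical schema)."""
    return [dict(day=day, user=user, action=action, file=file,
                 dlp=dlp, external=external)] * n

def daily_counts(events):
    """Count events per (user, action, day)."""
    return Counter((e["user"], e["action"], e["day"]) for e in events)

def unusual_activity(history, today, baseline_days, z=3.0, min_sd=1.0):
    """Flag (user, action) pairs whose count today is far above that
    user's own baseline (mean + z standard deviations)."""
    hist = daily_counts(history)
    alerts = []
    for (user, action, _), count in sorted(daily_counts(today).items()):
        # Days with no activity count as zero in the baseline.
        series = [hist[(user, action, d)] for d in baseline_days]
        # min_sd stops a very steady user from alerting on tiny changes.
        mu, sd = mean(series), max(pstdev(series), min_sd)
        if count > mu + z * sd:
            alerts.append((user, action, count, round(mu, 2)))
    return alerts

def risky_shares(events):
    """Files that violate a DLP policy and were shared externally."""
    return [e["file"] for e in events
            if e["action"] == "share" and e["dlp"] and e["external"]]

# Constructed sample data: five baseline days, then the day under review.
BASELINE_DAYS = ["d1", "d2", "d3", "d4", "d5"]
HISTORY = []
for day, a_dl, b_up in zip(BASELINE_DAYS, [3, 4, 2, 3, 3], [1, 0, 2, 1, 1]):
    HISTORY += ev(day, "alice", "download", a_dl) + ev(day, "bob", "upload", b_up)
TODAY = (ev("d6", "alice", "download", 40) + ev("d6", "bob", "upload", 2)
         + ev("d6", "bob", "share", file="payroll.xlsx", dlp=True, external=True)
         + ev("d6", "alice", "share", file="patients.csv", dlp=True))

if __name__ == "__main__":
    print(unusual_activity(HISTORY, TODAY, BASELINE_DAYS))
    print(risky_shares(TODAY))
```
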

  • Secure the ecosystem

Consider the ecosystem of other apps that fit around or integrate with a corporate cloud storage app. Examples are apps which provide secure document signing, project management tools or data visualisation portals.

There are tens of necessary apps in any organisation’s cloud which help the business run more smoothly, but the likelihood is that some of these apps will lack appropriate enterprise-grade security. If apps aren’t provisioned by IT, then managing them or enforcing policy to control their use becomes more difficult.

  • Think of your users as clients or partners

Consider treating users like clients. Like it or not, most employees don’t have much interest in security. So when IT can take the security responsibility away from users, employees can work however they want without risk.

Enabling this culture means allowing the business to operate freely, but ensuring that the IT department leads on any security decisions. In practice, this would mean that once the business has selected a cloud storage app, IT would then set and enforce granular policies to ensure secure use of the app.

One example would be blocking the upload of files which contain certain types of data, such as customer names and addresses. This approach empowers employees to use their own work styles without putting data security at risk.

With the European General Data Protection Regulation set to become law in 2017, now is the time for companies to get a grip on their data – and cloud storage apps are a great place to start.

Eduard Meelhuysen, VP EMEA, Netskope.
