How Internal End Users Impact Security Risks
The cloud has helped to bring IT into the hands of the non-IT professional. It is easy, fast, and cheap for a business user to contract with any number of cloud services. And with the increase in the use of mobile devices, business users can easily access and share company data wherever they are located. The IT team no longer holds all of the control. This democratization of IT brings with it the problem that non-IT professionals are just not aware of the risks that cloud computing can have. This is not their fault; they’ve never had to think about IT security in the past. Some of the reasons why include:
For the most part their interactions with cloud computing is through various SaaS programs ranging from enterprise level applications like Workday and Salesforce.com to consumer applications like Facebook, Flickr, Yelp, LinkedIn, and many others. Users of these SaaS offerings typically take for granted the complex security that is built into each level of the application.
Employees are used to acquiring compute resources from the IT team. The IT team is of course well aware of security risks and follows best practices for things like systems configuration, software maintenance, and access control.
Compute power that teams were traditionally ...
Get Hybrid Cloud For Dummies now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
