Embed Size (px)
DESCRIPTION
A Softchoice survey of 1,000 full-time people in North America found employees who use SaaS apps for work are developing bad tech habits that expose their organizations to security breaches and data loss. Our report summary provides an in-depth exploration of how SaaS is adding a new element of risk to the way we work, and what IT departments can do to eliminate bad user behavior in the cloud.
Citation preview
Careless users in the cloud(and what IT can do about it)
INTRODUCTIONCloud computing has become a permanent addition to all types of businesses –from startups to global corporations.
In the age of the cloud, employees enjoy greater accessibility and agility than ever before.
But, as is often the case once new technology sees widespread use, new behaviors emerge – some risky.
People who use SaaS applications were significantly more irresponsible about password security, file transfer and IT compliance at work – exhibiting behaviors that can expose corporate data to unintentional leaks and malicious attacks.
Softchoice, a leading North American IT services and solutions provider, commissioned a study conducted by The Blackstone Group to explore workers’ technology habits in the office. 1,000 full-time employees in the U.S. and Canada were asked about their behavior around app security, remote access, file transfer and IT compliance.
METHODOLOGY
PASSWORD SECURITY
SaaS app users are over 2x more likely to display their passwords on Post-its.
People using SaaS apps for work were 3x more likely to keep passwords in an unprotected document.
SaaS app users are 10x more likely to store passwords on unprotected or shared drives.
10.2% 25%
2.1% 21%
10.4% 29.1%
PASSWORD SECURITYIN THE CLOUD
SaaS app usersNon-app users
SaaS app usersNon-app users
SaaS app usersNon-app users
Click me to share!
NUMBERS GAME:AGE OR QUANTITY?
The reason for shoddy password protection among SaaS application users is found in the sheer number of apps employees access
28.5% 10.8%
Twenty-somethings Baby Boomers
28.5% of twenty-somethings keep their app passwords in plain sight, compared to 10.8% of Baby Boomers.
36% of employees using SaaS apps for work access five or more different apps on the job –resulting in too many unique (or slight riffs on the same) log-ins for them to memorize or maintain securely.
SOLUTIONS: PROVEN PASSWORD SECURITY
Secure, cloud-based single-sign-on solution tied to your existing Directory Service (e.g. Active Directory).
On-premise-basedsingle-sign-on tied to your existing Directory Service (e.g. Active Directory).
Companywide password security protocol.
Good Better Best
FILE TRANSFER
FILE TRANSFER & REMOTE ACCESS
…THAN NON SaaS APP USERS
59.1% 27.5% 17.7% 3.7%
4x more likely to attempt logging into a work account associated with a former job.
16x more likely to access work files through an app that IT doesn’t know they have.
2x more likely to email the work files they need to their personal account.
27% 1.6%
SaaS APP USERS ARE…
SaaS app usersNon-app users
SaaS app usersNon-app users
SaaS app usersNon-app users
CRIPPLED BY CONVENIENCE?
Once employees actively use cloud apps, it seems that the desire for instant information gratification motivates their tech behavior beyond the cloud
Finding an app that makes one’s daily job responsibilities easier is perceived as more important than running that download decision by IT. Unprotected email exchanges and meddling into old accounts becomes personally justifiable by this “I need it now” attitude.
76% of SaaS app users have needed to access work files away from the office, compared to 58% of non-app users.The cloud is therefore redefining how employees approach their jobs overall, not just how they use technology.
SOLUTIONS: FOOLPROOF FILE TRANSFER
Standardize on a cloud-based collaboration platform solution, coupled with a mobile device management (BYOD) strategy. Add a cloud platform to provide end-user management and reporting capabilities to mitigate future risk.
Standardize on a cloud-based collaboration platform solution, coupled with a mobile device management (BYOD) strategy.
Standardize on a cloud-based collaboration platform solution (e.g. Box).
Good Better Best
IT COMPLIANCE
CLOUDING IT COMPLIANCE
Close to 1/3 of SaaS users reported downloading an app without letting IT know. What’s encouraging this rogue behavior?
39% used the app for personal reasons first, then started using it for work, blurring the lines between personal and corporate use.
CLOUD-CONSCIOUS IT
37% 67% 46% 79%
79% of all employees said their IT department takes some form of action when an unsanctioned SaaS app is found in the office environment.
67% of SaaS users say IT is responsive to them.
37% of SaaS app users say their IT departments get them what they need.
Almost half of SaaS app users (46%) said that when an unsanctioned app is found, their IT department provides a secure equivalent.
SaaS app usersNon-app users SaaS app usersNon-app users
YOUR IT TEAM HAS A BETTER REPUTATION THAN YOU THINK
Most employees feel that IT is responsive when accommodating new app requests. And instead of turning a blind eye to rogue app downloads, IT often
deletes and blocks these programs, and finds safer alternatives.
What IT has failed to control is the flow of personal cloud use behavior into the workplace. This presents a challenge for IT:
To initiate plans and policies for long-term conditioning.
To teach employees best-use standards that will protect them at work and in their personal lives.
Standardized procurement of ‘safe’ list of vetted SaaS apps, all accessed through an identity management platform to centralize provisioning and deprovisioning capabilities via a cloud portal, enabling lines of business to make their own choices while minimizing risk for IT.
Scan to uncover unsanctioned SaaS app use. Communicate risks of ‘shadow IT’ to employees. Provide a standard ‘safe’ vendor list for SaaS apps.
Third-party scan of IT environment to uncover unsanctioned SaaS app use. Communicate risks of this ‘shadow IT’ to employees.
SOLUTIONS: MOVING FROM IT GATEKEEPER TO SaaS ENABLER
Good Better Best
CONCLUSION: CLOUD CONTROL
Looking at end-user cloud behavior, three curable issues emerge:
Start solving one problem, and you’ll likely solve them all…
Employees are undermining their IT departments by failing to grasp the risks of their lax behavior.
Today’s employees don’t just use technology differently, they work differently.
Employees are surpassing their app threshold. Too many accounts prohibits safe password procedures.
-Adopt a cloud-based collaboration solution-Tie in a BYOD strategy
-Assess your IT environment-Communicate shadow IT’s risks-Consider an identity management solution
-Establish a company-wide password policy or single-sign on platform
Next StepsNext StepsNext Steps
CLOUD CONTROL
Business leaders must empower the IT department to provide workers with the apps they want (and need) to be productive
Step 1: Put the right pieces in place.Implement the right policies, procedures and cloud-ready infrastructure to give IT the ability to deploy and manage suitable SaaS apps that employees need to be more productive in (and away from) the office.
Step 2: Regularly communicate the secure, user-friendly cloud options at employees’ disposal and how to access them. As front-office staff increasingly see IT promote secure and flexible cloud technologies, they’ll become more aware of their advantages and more willing to comply with the rules.
Ready to put an end to careless cloud use?
Contact us today to learn more about how Softchoicemakes it easier to source, implement and manage the right cloud solutions for your organization.
softchoicecloud.com 1-800-268-7368
![Careless Whisper [Nowak]](https://img.dokumen.tips/doc/110x75/577c78ac1a28abe05490a3a6/careless-whisper-nowak.jpg)
