Of course, the most critical layer of defense is the human layer. You need your employees to know why they should abide by IT security policies and refrain from downloading unauthorized files. A workforce that understands the risks that such files pose to the well-being of the company, as well as their hopes of continued employment, is less likely to ignore warnings, override settings, or try to defeat your layers of defensive technology.
Tim Caulfield, CEO
What are the risks with moving to cloud-based applications for CRM (Customer Relationship Management), Supply Chain Management, or even genomics sequencing when employees are out in the field with access to valuable data?
Frankly the risks for security breach or data leakage with cloud services are no different than for legacy-sourced services. There are not inherent advantages or limitations due to technology; it basically comes down to access policies, data segmentation, training, trust, and oversight. Indeed, screen captures, copied files, and memory sticks take mere seconds regardless of a person’s actual location; people are still the source of most vulnerability, not the technology.
In fact, from an IT security standpoint, the level of privacy, isolation, and verification on enterprise-class cloud services are often higher than what is found with legacy implementations. Why? Specialization and investment. Because cloud service providers do it for hundreds of clients every month who expect a very high level of assurance, such providers have invested in and “over-engineered” services and procedures to satisfy even the most stringent customers.
With Moore’s Law and the rapid rate of change in computer technology, it seems that commoditization is rampant and business advantage quickly moves to the largest players with the greatest economies of scale – think Amazon, Cisco, Google, Microsoft, and more. What advice can you give to businesses that want to harness this power for greatest value?
Technology is a wonderful tool but it’s important to remember that while necessary, it is certainly not sufficient for a great overall solution. What most firms need is a consultant / partner / provider who takes the time to really understand priorities, skillsets, and business drivers in order to craft a complete service package that meets the entirety of requirements and is not just a bundle of goods.
This is where a hands-on approach with a local firm who’s invested in the community and committed to your success really pays off. Rather than work with a large vendor who might have great brand recognition but isn’t necessarily known for flexible, personalized, or timely service, we advocate local investment with providers employing highly-skilled professional who internalize your needs and go the extra mile to deliver high-touch service and support.