Rise of authorisation technology
Improve security for employees working via the cloud, says Jeff Willis
Reading through the latest round of channel predictions, it's clear that cloud computing remains high on the agenda for 2014. And why shouldn't it? In its simplest form, the cloud allows people to work more flexibly and collaboratively regardless of their location.
However, recommending cloud computing to customers is still met with concerns around security.
The main security issue we see businesses fighting to address is how employees should access sensitive company data stored in the cloud. While the benefits of flexible working are clear, if company data is not encrypted and accessed through a secure VPN network, it could end up in the wrong hands and do more harm than good.
Open wireless networks, for example, may appear to offer convenient access to company documents while on the move, but many employees don't realise that working on an unprotected, confidential document wirelessly can leave their data and device vulnerable to attack. Resellers must bring these facts to life in a way that resonates with customers.
Use analogies - even simple ones. Not having the right security offerings in place might be the equivalent of letting a stranger disappear with your credit card, for example.
And the message doesn't have to be all doom and gloom. The industry has been introducing a range of measures that will help businesses embrace the cloud and overcome these obstacles, particularly when it comes to end-user security. We have seen a plethora of antivirus and patch management software hit the market for endpoint devices, and this trend is only set to continue.
The main development to watch will be the rise of authorisation technology. While products such as antivirus software remain useful when it comes to endpoint security, authorisation technology puts the power in the hands of the business - there's no need to worry about employees failing to log that an antivirus subscription has expired, for example.
Such products enable businesses to control what employees can access, as well as make permissions specific to their device, location and role.
A granular level of regulation allows businesses to ensure staff only access sensitive data on a secure device that is operating within its own firewall.
For example, a junior member of staff can be denied access to high-level documents, while senior employees may only be permitted to view these documents when they're on the company's private network and using a device certified by the organisation.
Authorisation technologies can allow businesses to benefit from the flexibility promised by the cloud, while also keeping their data safe and secure at all times.
They will also give organisations more tools to tackle the range of devices its employees are using to access company data - from work smartphones, to personal tablets and laptops.
Resellers should position the combination of endpoint and authorisation security formats as an "iron vest" approach to cloud security measures. The benefits of this are universal, so we can expect to witness industry-wide adoption of this technology.
Jeffrey Willis is Europe director of B2B solutions at Toshiba