While the dust is still settling around the Clinton email scandal, IT professionals are discussing the incident from a compliance and security standpoint. Mike Bell, CIO at Texas Department of Justice, shared an amusing collection of the worst government security “flubs,” highlighting that security needs to be considered at all levels of an organization. The examples show that shadow IT, while potentially risky, is not necessarily conducted by malicious employees, but more likely represents a simple desire to use tools that maximize productivity.

Mike_Bell_on_Twitter___Clinton_Email_Fail__Worst_Government_Security_Flubs_-_InformationWeek_http___t_co_IcBrdEv8ls_via__InformationWeek_

Paul Stokes, CIO at the University of Victoria, shared an article that grounds this issue in the opinions of security practitioners. Among survey respondents, 65% of InfoSec professionals are concerned about executive knowledge of security, and 77% are concerned about BYOD. 29% don’t believe there is enough board oversight of security. Although attention paid to security has certainly risen over the past few years, there are still shortcomings in how organizations prioritize security.

Paul_Stokes_on_Twitter___Survey__Security_Pros_Have__Critical__Concerns_About_Infosec_http___t_co_iMPMnuu5BS_

This goes to show that a key aspect of enterprise security falls on the shoulders of the users. Robert Schmidt of the California Department of Agriculture posted a much-needed article on security best practices for employees. Not only do the guidelines cover preventative measures, but they also lay out steps to take in the event of a compromised account. Security teams would be wise to share these tips with employees, as security-conscious users can be a powerful (and inexpensive) line of defense.

Robert_Schmidt_on_Twitter___What_to_Do_If_You’ve_Been_Hacked__And_How_to_Prevent_It__http___t_co_gc8mCDqBc8_

Ward Walker, CTO of Air Mobility Command, explained the significance of catering to users’ needs. His comparison of IT with iTunes illustrates the point that with the amount of cloud services easily available to employees, IT must offer a similarly frictionless experience. Convenience is a powerful factor, evidenced by examples ranging from Hillary’s personal email address to a business units using personal file sharing services for work use.

Ward_Walker_on_Twitter____In_an_era_of_Shadow_IT__be_a_Svc_Broker__govern___get_out_of_the_way__Make_IT_like_iTunes_for_biz_peers___AGENDA15_

Finally, your own employees aren’t the only ones to worry about. The average company connects with 1,555 businesses through the cloud, 8% of which are high risk. Creative Artist Agency’s Michael Keithley shared our Slideshare on how the cloud economy enables powerful systems of collaboration, but also creates vulnerabilities for companies. For example, attackers entered Target’s system through an HVAC vendor. The connected partner environment further illustrates that security no longer follows the model of the old corporate perimeter.

Michael_Keithley_on_Twitter___The_Cloud_Economy_http___t_co_80i8DonrXQ__SkyhighNetworks_

Cloud Adoption and Risk Report Q1 2015

Based on data from over 17 million users, the definitive resource on cloud usage trends and risks.

Download Now