Careless Users In the Cloud (And What IT Can Do About It)


Published on

A Softchoice survey of 1,000 full-time people in North America found employees who use SaaS apps for work are developing bad tech habits that expose their organizations to security breaches and data loss.

Our report summary provides an in-depth exploration of how SaaS is adding a new element of risk to the way we work, and what IT departments can do to eliminate bad user behavior in the cloud.

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Careless Users In the Cloud (And What IT Can Do About It)

  1. 1. Careless users in the cloud (and what IT can do about it)
  2. 2. INTRODUCTION Cloud computing has become a permanent addition to all types of businesses – from startups to global corporations. In the age of the cloud, employees enjoy greater accessibility and agility than ever before. But, as is often the case once new technology sees widespread use, new behaviors emerge – some risky. People who use SaaS applications were significantly more irresponsible about password security, file transfer and IT compliance at work – exhibiting behaviors that can expose corporate data to unintentional leaks and malicious attacks. METHODOLOGY Softchoice, a leading North American IT services and solutions provider, commissioned a study conducted by The Blackstone Group to explore workers’ technology habits in the office. 1,000 full-time employees in the U.S. and Canada were asked about their behavior around app security, remote access, file transfer and IT compliance.
  4. 4. PASSWORD SECURITY IN THE CLOUD 10.2% 25% Non-app users SaaS app users SaaS app users are 10x more likely to store passwords on unprotected or shared drives. 29.1% Non-app users SaaS app users People using SaaS apps for work were 3x more likely to keep passwords in an unprotected document. SaaS app users are over 2x more likely to display their passwords on Post-its. Click me to share! 10.4% 2.1% Non-app users SaaS app users 21%
  5. 5. NUMBERS GAME: AGE OR QUANTITY? The reason for shoddy password protection among SaaS application users is found in the sheer number of apps employees access 28.5% 10.8% Twenty-somethings Baby Boomers 28.5% of twenty-somethings keep their app passwords in plain sight, compared to 10.8% of Baby Boomers. 36% of employees using SaaS apps for work access five or more different apps on the job – resulting in too many unique (or slight riffs on the same) log-ins for them to memorize or maintain securely.
  6. 6. SOLUTIONS: PROVEN PASSWORD SECURITY Good Companywide password security protocol. Better On-premise-based single-sign-on tied to your existing Directory Service (e.g. Active Directory). Best Secure, cloud-based single-sign-on solution tied to your existing Directory Service (e.g. Active Directory).
  8. 8. FILE TRANSFER & REMOTE ACCESS SaaS APP USERS ARE… 59.1% 27.5% Non-app users SaaS app users 2x more likely to email the work files they need to their personal account. 17.7% 3.7% Non-app users SaaS app users 4x more likely to attempt logging into a work account associated with a former job. …THAN NON SaaS APP USERS 27% 1.6% Non-app users SaaS app users 16x more likely to access work files through an app that IT doesn’t know they have.
  9. 9. CRIPPLED BY CONVENIENCE? Once employees actively use cloud apps, it seems that the desire for instant information gratification motivates their tech behavior beyond the cloud Finding an app that makes one’s daily job responsibilities easier is perceived as more important than running that download decision by IT. Unprotected email exchanges and meddling into old accounts becomes personally justifiable by this “I need it now” attitude. 76% of SaaS app users have needed to access work files away from the office, compared to 58% of non-app users. The cloud is therefore redefining how employees approach their jobs overall, not just how they use technology.
  10. 10. SOLUTIONS: FOOLPROOF FILE TRANSFER Good Standardize on a cloud-based collaboration platform solution (e.g. Box). Better Best Standardize on a cloud-based collaboration platform solution, coupled with a mobile device management (BYOD) strategy. Standardize on a cloud-based collaboration platform solution, coupled with a mobile device management (BYOD) strategy. Add a cloud platform to provide end-user management and reporting capabilities to mitigate future risk.
  12. 12. CLOUDING IT COMPLIANCE Close to 1/3 of SaaS users reported downloading an app without letting IT know. What’s encouraging this rogue behavior? 39% used the app for personal reasons first, then started using it for work, blurring the lines between personal and corporate use.
  13. 13. CLOUD-CONSCIOUS IT 37% of SaaS app users say their IT departments get them what they need. 37% Non-app users 67% SaaS app users 67% of SaaS users say IT is responsive to them. Almost half of SaaS app users (46%) said that when an unsanctioned app is found, their IT department provides a secure equivalent. 46% Non-app users 79% SaaS app users 79% of all employees said their IT department takes some form of action when an unsanctioned SaaS app is found in the office environment.
  14. 14. YOUR IT TEAM HAS A BETTER REPUTATION THAN YOU THINK Most employees feel that IT is responsive when accommodating new app requests. And instead of turning a blind eye to rogue app downloads, IT often deletes and blocks these programs, and finds safer alternatives. What IT has failed to control is the flow of personal cloud use behavior into the workplace. This presents a challenge for IT: To initiate plans and policies for long-term conditioning. To teach employees best-use standards that will protect them at work and in their personal lives.
  15. 15. SOLUTIONS: MOVING FROM IT GATEKEEPER TO SaaS ENABLER Good Better Best Third-party scan of IT environment to uncover unsanctioned SaaS app use. Communicate risks of this ‘shadow IT’ to employees. Scan to uncover unsanctioned SaaS app use. Communicate risks of ‘shadow IT’ to employees. Provide a standard ‘safe’ vendor list for SaaS apps. Standardized procurement of ‘safe’ list of vetted SaaS apps, all accessed through an identity management platform to centralize provisioning and deprovisioning capabilities via a cloud portal, enabling lines of business to make their own choices while minimizing risk for IT.
  16. 16. CONCLUSION: CLOUD CONTROL Looking at end-user cloud behavior, three curable issues emerge: Employees are surpassing their app threshold. Too many accounts prohibits safe password procedures. Today’s employees don’t just use technology differently, they work differently. Employees are undermining their IT departments by failing to grasp the risks of their lax behavior. Next Steps Next Steps Next Steps -Establish a company-wide password policy or single-sign on platform -Adopt a cloud-based collaboration solution -Tie in a BYOD strategy -Assess your IT environment -Communicate shadow IT’s risks -Consider an identity management solution Start solving one problem, and you’ll likely solve them all…
  17. 17. CLOUD CONTROL Business leaders must empower the IT department to provide workers with the apps they want (and need) to be productive Step 1: Put the right pieces in place. Implement the right policies, procedures and cloud-ready infrastructure to give IT the ability to deploy and manage suitable SaaS apps that employees need to be more productive in (and away from) the office. Step 2: Regularly communicate the secure, user-friendly cloud options at employees’ disposal and how to access them. As front-office staff increasingly see IT promote secure and flexible cloud technologies, they’ll become more aware of their advantages and more willing to comply with the rules.
  18. 18. Ready to put an end to careless cloud use? Contact us today to learn more about how Softchoice makes it easier to source, implement and manage the right cloud solutions for your organization. 1-800-268-7368