When it comes to securing your data across all channels, the conversation naturally leads right to BYOD and mobile – the most challenging areas for any organization. Because from social to mobile to cloud policies – if you make it too difficult for people to do what they need and want to do, they are just going to find a way to go around you. When they do that, you lose visibility into what they are doing, establishing a self-defeating cycle. Many organizations are offering multiple channels for users to register devices and then relying heavily on data analytics to decide what needs to be addressed inside the environment. When policies push people outside of your visibility and control, you cannot gather the information you need to manage the environment. The concept of shadow IT is becoming more prevalent as millennials can buy large amounts of storage and they are the most tech-savvy generation in history.
Social media is a channel for vulnerabilities. Are your users online asking questions such as, “I work for company X, and we are using these firewalls configured this way - anyone have any suggestion?” The company has just revealed proprietary information making it a target.
Many participants said they relied on written procedure and policies to control what users are and are not allowed to do. Perhaps they encrypt information in the cloud, but they insist on owning the keys.