The line between work and play just got a little blurrier and the potential for a data breach a lot higher with the launch of Apple's iCloud.
If you are unfamiliar with iCloud, it is a set of free cloud services, including iTunes in the Cloud, Photo Stream and Documents in the Cloud, that work with an iPhone, iPad, iPod touch, Mac or PC to store content in iCloud.
When content changes on one device, all other devices are automatically updated. A wonderful service for consumers; however, for enterprises iCloud has the potential to wreak havoc.
Enterprise cloud computing options such iCloud and the proliferation of mobile devices in work environments have created a challenge for IT departments as they struggle to maintain control over how business data is accessed and shared.
When employees and contractors bring these devices into the workplace, these services can quickly become a security and compliance nightmare.
Similar to Dropbox, iCloud was designed for consumers; therefore, it lacks the necessary security for stored information and offers no oversight or management control over information that is shared.
Because IT has no visibility or control over the information being accessed or shared, it is impossible to know just how exposed an organization is to a data breach.
As data breaches continue to top headlines and penalties for non-compliance continue to climb, now is not the time to ignore security vulnerabilities. Organizations require more than just a freemium, public, multi-tenant cloud solution.
Enterprise solutions should support a variety of deployment options for virtual environments including VMware, Citrix XENserver, Microsoft HyperV, public, private and hybrid cloud environments, FIPS 140-2 certified deployment and also on-premise physical installation.
The solution should allow you to mix and match different deployment modes and integrate as one solution.
Enterprise-level solutions provide IT administrators with the necessary visibility and control to monitor and manage what information is being accessed, by who and when so the enterprise can comply with industry regulations such as SOX and HIPAA that require monitoring and reporting systems to be in place.
Utilizing security controls, IT administrators and business users can set policies to prevent files from being forwarded to unauthorized users.
Meeting the needs of enterprises requires choice of where to store data, particularly sensitive information. Organizations with an enterprise-level collaboration and file sharing solution in place for mobile devices find the temptation for employees and contractors to use free iCloud and Dropbox-type applications is eliminated.
IT administrators can manage and audit file sharing, ensuring that users are complying with security policies; and IT managers and compliance officers can be confident that compliance mandates are being met.
Author's Note: This blog post has been adapted for this audience from a Government Security News article.
