By Ed Macnair, CEO of SaaSID
The consumerisation of IT has increased the sense of entitlement among employees, who expect to be able to access information wherever they have an internet connection.
Cloud-based platforms are perfect for meeting this demand and businesses have quickly recognised the productivity and cost benefits of migrating to Google Apps and Office 365.
The barrier to making the move to either platform has been the question of how to prevent corporate information being shared beyond the authorised user base.
Taking Google Apps as an example, while it enables employees to access, process and share documents quickly, intuitively and cost effectively, its inherently open structure has proved to be a sticking point for CIOs and CISOs.
The barrier: how to prevent corporate information being shared beyond the authorised user base.
Organisations adopting Google Apps have to provide employees with access to Gmail. But employees can then login to a consumer Gmail account and attach files to personal messages: risking unintentional sharing of documents outside of the company.
If a project manager has legitimate access to financial documents via Google Drive and shares them with another employee, these documents could then be onwardly shared.
We have helped organisations to address this issue, by allowing corporate only Gmail access and blocking all consumer Gmail. By configuring our browser-based software to inject specific headers into web pages, CIOs can control the list of authorised domains that employees can log in with. For example John Smith can log in to corporate Gmail using “firstname.lastname@example.org”, but not using his personal Google account, “email@example.com”. This helps organisations adopt Google Apps, by drawing the line between personal and corporate Gmail.
This helps organisations adopt Google Apps, by drawing the line between personal and corporate Gmail.
Google Apps was built with collaboration in mind. Using our browser-based agent, CIOs can centrally manage who has access to Google Apps features that enable document sharing, regardless of the device used, or whether it is behind the corporate firewall or proxy.
In the same way, access to Office 365 features can be governed and audited through the browser, enabling CIOs to apply the equivalent levels of control that have traditionally been used to govern Windows applications that are run on-premise.
Now Apple developers have been given the opportunity to try the beta version of iWork on iCloud. This will allow colleagues to access documents wherever they have a browser and synchronise corporate documents and presentations across all Apple devices. Apple’s browser-based collaboration platform is expected to be available to businesses this autumn.
iWork on iCloud will allow Apple fans to access and collaborate on documents, spreadsheets and presentations in browser-based versions of Pages, Numbers and Keynote, in the same way that businesses currently use Google Apps and Microsoft Office 365.
To enable employees to benefit, CIOs will need to consider how to manage corporate documents that are shared via iCloud and how to revoke access to the corporate iCloud instances when employees move on.
Single Sign-On (SSO) to web applications […] can realise the cost and productivity benefits […] without making any changes to the back-end applications.
They will need to ensure that they retain control over who can access documents within iCloud, particularly if Apple devices are shared between colleagues or family members.
However, while this sounds like an additional burden on CIOs, the most effective method of managing corporate documents shared through iCloud is the same as for any cloud-based collaboration tool.
We have found that by providing Single Sign-On (SSO) to web applications – and controlling access to specific application features – organisations can realise the cost and productivity benefits and retain control over documents that are shared using Google Apps, or Office 365, without making any changes to the back-end applications. CIOs will be able to gain the same level of control over iWork for iCloud when it launches later in the year.
Applying on-premise equivalent control over application features helps to draw the line in the cloud between personal and corporate accounts so that employees can be more productive, without increasing risk.
For further information on browser-based application control, download our whitepaper, “Trusting Google Apps for Business: how flexible, simple controls protect data in the Cloud”
SaaSID Single Sign-On provides organisations with a single point of control over access to web applications that minimises the risk of unauthorised access to sensitive data.
Find out more from our company profile or www.saasid.com. Follow SaaSID on Twitter: https://twitter.com/SaaSID and connect with SaaSID on LinkedIn www.linkedin.com/company/saasid-limited.