Of all the thousands of cloud services your organisation uses, about 10% may be considered “low risk” or “Enterprise ready”. So which of these should you “sanction” for people to use and how do you ensure they use them?
+ User Education
Our experience is that if users put your data in the wrong place, it is seldom malicious. They put it there because it was easy and they thought it was safe.
Users almost never read the EULA terms and conditions the first time they use a service before clicking “I Agree”? Do you?
So how do you stop your data going to more and more places with less and less control? How to you bring your users along the journey to the safe use of cloud services.
What is the right approach to influence users to use sanctioned services? Techniques like web splash or opt in screens or educational “Did you know” style approaches. The goal is to guide users to the sanctioned sites and away from the risky sites.
You could allow the use of non-sanctioned sites for “personal use” only.
You could go all the way and automatically block high risk, non-sanctioned sites.
You can even check and make decisions based on the content of the data to see if it should have left your premises (health data, tax, credit card numbers).
There are many options and we can help you learn from many approaches what the best approach may be for you.