Oct 15 2018

4 Ways to Keep a Closer Eye on Employee Cloud Use

To retain control of business data, IT departments must monitor workers’ use of web services.

Think about how many cloud services the average person uses each day. For most, it’s a mixture of services managed by their employer and others chosen for personal use. An IT professional might carefully manage the separation between those worlds, but it’s very easy for users to accidentally spread information from their work lives into their personal cloud services.

When this happens without the knowledge of the IT department, it exposes the organization to the risk of loss, theft or public disclosure of sensitive information. Here are four ways that businesses can better manage employee use of cloud services to detect data leaks and repatriate improperly exposed data.

VIDEO: See how businesses best manage workloads in the cloud!

1. Tap Google Alerts to Spot Data Breaches

Some of the most embarrassing and damaging exposures of sensitive information occur when employees accidentally publish such information on the internet. Administrators can set up a series of strategic Google Alerts to watch for the presence of sensitive information. For example, a search for “+site: yourcompany.com +SSN” might provide an early warning of places where you’ve accidentally exposed Social Security numbers to search engines.

2. Audit Cloud Permissions to Prevent Accidental Exposure

When employees make use of approved cloud services, be sure to audit the permissions for those services to prevent accidental exposure of sensitive information. It’s best to conduct regular audits of cloud service permissions, paying particular attention to publicly shared files.

3. Deploy a Cloud Access Security Broker

Managing cloud service use and permissions is a time-consuming task for an IT staff. Cloud Access Security Brokers (CASBs) alleviate this by providing a centralized approach to cloud service management. These solutions monitor cloud service use and watch for violations of the organization’s security policy, ranging from inappropriate permissions to the use of unapproved cloud services.

4. Implement Data Loss Prevention Tools

Data loss prevention technology monitors user activity on endpoints and the network, watching for attempts to transfer sensitive information. DLP systems play an important role in stopping the spread of sensitive information to the cloud by preventing it from leaving the organization. This saves administrators from a time-consuming and embarrassing cleanup effort.

Halfpoint/Getty Images

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT