According to Young, the risks associated with social networking and messaging applications often point to other internal problems. Often its just an employee trying to solve a problem, he said. If the enterprise solves the problem, then the risk goes away.
Crosley added that organizations often calculate risks improperly, being overly conservative when it comes to communications tools. They focus on the wrong things and dont accurately estimate the real costs associated with adopting versus ignoring a technology. Does a spike in productivity and efficiency offset the deployment cost? Does internal control offset the risk of having employees bring in technologies through the backdoor?
If employees are desperate for good web-based email, give it to them. Dont make them resort to Gmail, he said.
Beyond tools like web-based email, VPNs, and secure wireless networking, Young pointed to email security and content-monitoring as the next line of defense against data leaks. In certain industries, especially financial, its a must, he said.
Crosley suggested that companies who havent developed policies or are unfamiliar with new security technologies should bring vendors into the mix. Of course, youd expect a vendor rep to say this, but he makes a good point: Until you know the dimensions involved with your particular enterprise, its hard to develop policy. Most vendors will conduct an audit first, and thats the logical starting point.
For those further along with their security policies and strategies, they can start evaluating data-leak-prevention solutions. Startups are leading this space, with Proofpoint, Provilla, Clearswift, and PortAuthority (acquired by Websense in January 2007) all fitting the bill.
One of the ways around the issues of security and control that make some businesses wary of cloud computing is to build a private cloud -- one that remains within the corporate firewall and is wholly controlled internally. Private clouds also increase the agility of IT an organization's IT infrastructure and make it easier to roll out new technology projects. Download this eBook to get the facts behind the private cloud and learn how your organization can get started.