With any new information technology there are always unforeseen consequences. In the eyes of the IT group these consequences are often a mixed bag underscoring the maxim "what you win on the swings, you loose on the roundabouts."
While "the cloud" has delivered many good consequences (such as greater infrastructure flexibility, lower costs, and so on) it has also been found to have a dark side (for example, security problems and management issues).
A recent report by Softchoice Corporation, a technology services provider, has revealed a new set of unforeseen consequences from cloud-based SaaS applications. The report based on responses from 1,000 employees is titled Careless Users in the Cloud (and what IT can do about it) found
... employees who use SaaS apps for work are developing bad tech habits that expose their organizations to security breaches and data loss.
The report's highlights include:
- More SaaS apps mean more passwords to remember (or disable): 36% of employees access five or more SaaS apps on the job every day.
- Easy procurement of SaaS means users are circumventing IT to use them: 27% of SaaS users access work files through applications IT doesn't know they have.
- Bad SaaS behaviors are more prevalent in younger employees: Twenty-somethings are three times more likely to keep passwords on Post-it notes compared to Baby Boomers.
It appears that the easy access to and novel workflow opportunities of cloud-based services (for example, being able to easily transfer and share files with other people) makes users less conscious of security issues. Another driver of consequences is the range of cloud-based apps that are used without IT's knowledge and that users justify by arguments such as the need to solve a problem immediately.
One of the other findings in the report, which I'm sure many people in IT are already aware of, is that the blurring of the line between online activities for work and personal use makes for weak security and confidentiality.
Perhaps the greatest conclusion from the report is the idea that IT groups should plan to change from being gatekeepers to being SaaS enablers. Now, there's a novel idea.
So, are you ready to change? What's holding you up?