Finding security peace of mind through user adoption
Security is a hot topic in technology these days, and for good reason. The British insurance company Lloyd’s estimates that cyber-attacks cost businesses as much as $400 billion a year, which includes direct damage plus post-attack disruption. Each breach seems more serious than the last, further widening the chasm of trust between the public and the institutions they do business with.
So, what are you supposed to do when you’re a business in 2018 trying to move quickly and innovate, but also trying to stay ahead of these issues (all the while praying you weren’t affected)?
As a Dropbox Business Solutions Architect, I get asked these types of questions regularly: “How does Dropbox Business help me be secure?” My answers always follow the same logic: the best, most secure applications are the ones people use.
This might be counter-intuitive to some, but what we’ve noticed is this: the more people use a product, the more safety controls you have over their behaviour. We call this the positive cycle of security: adoption = control.
It goes without saying that business is plagued with buzz words. One of the more recent and probably most overused: Shadow IT. It describes when your users choose a software or platform you didn’t give them. I respond with the same answer every time I hear it: Shadow IT is just current IT in our world today.
It used to be that users couldn’t really adopt the software they wanted and instead were forced to use what they were given. But, with the advent of user-focused tools and the proliferation of SaaS companies, teams of people outside of IT are now starting to adopt new, faster and better workflows.
With this change comes a core issue that is keeping IT leaders up at night: how do I keep it all secure? The obvious concept of blocking entire domains doesn’t do anyone any good, because users are agile and better at thinking of workarounds. Everyone works in different ways, employing different technologies or processes to help them achieve their goal. This makes a singular approach untenable. Also, there is a reason why they are choosing the technology they do—it is probably making their lives easier and helping them be more productive.
The truth is, that when IT truly engages with the broader company, great things can happen. It makes employees feel valued and that alone can help teams be more effective. If you can enable them to be more effective then new workflows can open and collaboration can happen anywhere, clearing the obstacles that can slow growth. So, why don’t you take the software they’ve worked with, the software they’ve built productivity around and systematise it to secure yourself? That way, you stop employees from feeling trapped and sending them to look for work arounds.
Tools like Dropbox Business allow you to enable the most basic and important measures against phishing and malicious attacks, such as forced 2-Factor Authentication, Required SSO, Web Session Controls, Password Rules, application-level security partners, and much more.
These tools provide, at the very least, a base layer of protection and will instil a culture of security within your working environment. This, coupled with adding security to the ‘human factor’ and turning your employees into a ‘shield’ against cyber-crime should give you a more robust defence against hacking.
The cloud represents an opportunity to centralise data and still make it quick to access in the mobile workplace. Built on top of that is the opportunity for some to take advantage of our old web habits for malicious reasons. But these hacks are not something to fear, they are something to fight. Instead of worrying about what people are working with, a better opportunity has arisen to safely enable them wherever they are.
Dropbox Business is a tool that does exactly that. It has been designed to give your employees the ability to continue being creative, productive, excited and in flow whilst giving you, the security team, the ability to sleep at night knowing you’ve worked with them on a secure and successful solution.
To find out more about how Dropbox Business can give your teams the freedom to work securely, unleashing their creative energies without unlocking the door to your sensitive information, click here.
To watch the webinar on this topic and dive into this in more detail, head here.
Abhishek Lahoti is an Enterprise and Channel Solutions Architect for Dropbox Business, helping our customers build integrated and optimised solutions with our technology at the heart. He has worked with companies across all verticals, utilising product, marketing and conversion expertise to create solutions that deliver against key business requirements.