InformationWeek published a story on their site about how IT departments are 'losing ground' on cloud computing. The premise is that individuals in the organization are adopting cloud services with or without IT's knowledge and/or approval.
The article suggests that this is a security issue which, at the end of the day, it is. But, security is a part of information and organizational governance and, as such, this should be treated as a governance issue. If IT can't control usage of cloud services by the organization, is this a failure of IT or the organization? I can understand why someone would just use a credit card to get what they needed done sooner than later. However, this is no excuse for ignoring organizational business practice and compliance policies. In some organizations this would be grounds for dismissal.
Granted, IT departments can be slow. How, then, can IT help resolve this problem? How can IT be part of the solution? Clearly, employees need to be sensitized to the risks and issues surrounding their use of cloud based services in the organization and who better to do so than IT? Of course, this should not be taken to mean that IT should scare the bejeesus about of them, rather this should be an ooprtunity for IT to move closer to the employees and the business by seriously considering cloud based services and their impact on the organization, good or bad.
A great quote from the article: "Hello: it's 2010 and do you know where your data resides?"
No comments:
Post a Comment