KUALA LUMPUR, Dec 19 — Businesses and corporations, big and small, might want to consider expanding the line they take when it comes to cloud technology.
Administrative control over data is more lax than many are aware of, yet more crucial than ever in a crowded marketplace.
Consider the headlines Malaysians were hit with just last month. Data of over 46 million mobile phone subscribers compromised. A bank losing magnetic tapes containing back-up customer data during routine operations.
“Incidents like the recent data breach should be a giant flashing sign for businesses to examine how their own data is controlled,” says Vincent Choy, senior consultant at Fedelis Sdn Bhd, an award-winning systems integrator outfit.
Yet, after the scare of the day, most businesses have likely gone back to business as usual.
Small and medium businesses miss out on simple solutions that could prevent disaster from happening, says Choy who has been a Microsoft Most Valuable Professional for four consecutive years from 2014 to 2017.
“Small and medium businesses especially need to take a much closer look at how they embrace cloud technology. In many instances, it could simply mean investing in paid cloud services instead of just using the free ones,” he added.
Fedelis helps businesses looking for cloud solutions to cater to the productivity needs of the new generation.
It is quite common to see, for example, individual Hotmail or Yahoo email addresses on business cards.
A designer who works at a small agency of perhaps 10 people could very well be using his or her own personal Gmail or Dropbox to communicate with clients and share files.
“A lot of small medium enterprises are definitely on the cloud bandwagon as there are tools available for free that get you up and running in a matter of minutes.
“However, while this gets work done quickly, these accounts held by individuals mean the company has zero administrative oversight of the very channels that are being used to carry out work that is essentially its bread and butter,” Choy explains.
Are such controls really that important? On the tail of the massive data breach that happened last month, the answer is a resounding yes.
Consider the number of scenarios that could harm the bottomline of a company. An employee could inadvertently share a file that contained sensitive client information.
Proprietary information taken and shared with a competitor could affect the firm’s chances of securing a particular project. Or a careless individual accidentally deleting crucial company files. All these scenarios represent data breaches that can be imminently harmful for the productivity and profitability of a business.
“Using free Cloud Tools signed up by individual employees, data that actually belongs to the company, becomes too easily shared or even leaked without the company knowing any better or even being able to investigate since accounts are held in individual names.
“There is in effect very little the company can do to limit the exposure risk. Add to that, when a staff resigns, that person effectively takes everything with them causing continuity or disruption in productivity,” he stresses.
When there were revelations back in 2014 of data breaches at Malaysian companies and business associations, Lowyat.net founder Vijandren Ramadass was quoted as saying that it is no longer about protecting just servers but it is also the people working and coming in and having access to data.
In this light, companies should definitely put a little more thought and investment into levelling up the controls over the cloud services they use.
“Many apps and tools have both free and paid versions. The free versions have basic functions while the paid ones come with the administrative tools for them to be effectively used in a business environment.
“Companies big and small could really benefit from the features afforded by the paid versions,” Choy says.
Developers like Dropbox, for example, provide both a free and a paid business version. The business version of Dropbox provides a robust suite of security and administrative functions that allow the company to have an oversight on who has access to which files, who has shared files, who has deleted files, and even a longer recovery period for deleted files.
“The administrator can also sign into staff accounts if they happen to be away and access if needed,” he added. “Having a free version that business users might already be using privately makes transitioning the paid version extremely easy.”
What Microsoft has tried to do, in their Office365 suite of paid cloud products, is to first build a powerful security and administrative layer into the suite that allows the customer to control and protect their corporate data.
On this layer, they then provide a whole family of Microsoft’s own apps that work like the free apps. For example, Yammer is Microsoft’s business version of Facebook, whereas Teams is Microsoft’s version of Slack.
“People are going to use whatever tools they can get their hands on, at as little or no cost, to do their work. So companies and IT departments should sit up and take note.
“If you do not want to lose control of your data, it would be strategic to provide them these tools right from the start. And please, not just a company email,” Choy emphasized.
Well, business owners and corporations, you have been warned.