How to ensure rogue cloud services don’t leave you in the lurch

Grazed from NetworkWorld. Author: Alan Conley.

Bring Your Own Cloud (BYOC) is often associated with personal services like Dropbox, but internal business units have also been known to sign up for cloud services without IT’s knowledge, raising questions about everything from security to business service expectations.

But if you have a plan in place when it comes to business units accessing external cloud services for projects, IT and the business can get what they want without jeopardizing services or security. Here are the key things to consider:..

* Establish policies on what material is acceptable to store on public clouds. Do not store confidential material outside of the company firewall unless your security organization has performed a security audit on the provider. Security organizations typically have classifications for different information and can assess if the necessary controls are in place by the provider. Clouds often do not offer data encryption and can leave your data vulnerable. Depending on the data you wish to store in the cloud, you should ensure that it is encrypted both in flight and at rest…

Read more from the source @ http://www.networkworld.com/news/tech/2013/092613-rules-for-byoc-274234.html