Connect with us

Hi, what are you looking for?


Cloud Security

Facilitating Enterprise Cloud Adoption through Intelligent Policy Enforcement

No matter what rules or policies businesses put in place, resourceful workers will always find a way around them in the interest of better communication and efficiency.  It’s a fact. Employees self-select external collaboration resources that make them more productive in doing their jobs.

No matter what rules or policies businesses put in place, resourceful workers will always find a way around them in the interest of better communication and efficiency.  It’s a fact. Employees self-select external collaboration resources that make them more productive in doing their jobs. This leaves businesses with essentially two choices: they can either fight their users, penalizing and even terminating those who try their hardest to increase their effectiveness, or they can own this new way of working and provide a secure, reliable, and comprehensive solution.

There is a growing trend of true cloud players such as and Google investing in enterprise wide platforms. This signals to me that a growing number of companies have realized that the benefits of the cloud are too valuable for employees for them ignore. It is time to take the steps to enable and manage the cloud movement. Security, once an obstacle to cloud adoption at the enterprise level, is increasingly being viewed as an enabler to unlocking the cloud’s power and is a driving force in its wide-spread adoption.

Why the change of heart? Because try as they might to enforce network protocols on-premise, these organizations have finally realized that they can not stem the tide towards the use of cloud-based functionality, nor can they account for all of the personal devices employees are using that are connected to corporate networks and databases. Mobile, social, and cloud forces are converging to bring even the most conservative industries into this brave new world of always-accessible, always-on technology.

Enterprise Cloud Applications

What companies are realizing is that when it comes to information, people can ultimately decide what to share, who to share it with, and what network, application, or service they will use to do so. Creating difficult security policies that stand in the way of being able to use an officially sanctioned system results in less security, as it will simply drive users into consumer-grade apps.

While we tend to focus heavily on enterprises moving to the cloud, there are a number organizations being created today that are “born in the cloud.” Rather than replacing costly expenditures on hardware and equipment based on-premise, they are utilizing the power of the cloud for all of their network needs right from the ground up. My own company was built this way. This eliminates the potential pain points of a later migration and offers them immediate capital savings that can be invested into the core competencies of their business.

One way of looking at how both models of cloud adoption transform businesses is as a form of increasing user empowerment. By implementing what we often refer to as intelligent policy enforcement, enterprises can, for the first time, help their employees become accountable for managing where their critical data sits, ensure that security and compliance standards are being met, and do so in a way that is compatible with their practical requirements. Moreover, when issues arrive, the organization can be immediately alerted and deal with this issue at both a technical and human level. This nuanced and highly responsive approach is allowing enterprises to take greater advantage of the tools and services only available in the cloud, while remaining fundamentally in control of their most sensitive data.

Of course, faster and broader migration to the cloud does present new risks. I find that organizations that migrate to the cloud tend to go through a period of what I refer to as the “honeymoon” phase: a sense of relief from the stress and worry of dealing with its data, and a sense of joy as they realize what new means of collaboration are available to them with their cloud platform or platforms. While I fully endorse the cloud as the best and most secure way to store data, it is not free from responsibility. This honeymoon often ends with a realization that there are still regulatory, organizational, and security compliance issues to be managed.

Advertisement. Scroll to continue reading.

An analogy to illustrate this point: storing one’s life savings in cash under a mattress means being far more worried and vigilant about its safety than if it were in a bank. You are certain to lock the doors and windows when you leave the house. You likely check on your money’s status often, to reassure yourself that it is still where it’s supposed to be and has not been discovered and stolen. In short, the job of managing it yourself becomes a full-time burden.

When you finally come to the (entirely sensible) conclusion that this money is better stored in a bank, you no doubt feel an overwhelming sense of relief. However, you are still responsible for maintaining some level of security over your account. While the money is physically more secure in a bank than in your home, you still wouldn’t go around sharing your account numbers and pin numbers or leaving your bank statements around for others to find. It works the same way in the cloud: while the data is safer, you are still on the hook for a certain level of vigilance and security.

What intelligent policy enforcement does for an organization is ensure that their security and compliance standards are adhered to at all times while also improving the work habits of users. As these policies evolve and grow over time, organizational efficiency rises with them, as users become more comfortable using the platform and its security requirements. Better access to the collaborative tools offered by the cloud translate into more productive employees, and over time the work environment itself becomes more flexible and responsive.

Policy enforcement is more than just ensuring every bit of data is secured in the correct field of a given application. We recently worked with a large financial services company who, upon migrating its operations to the cloud, realized that it had 36 distinct contracts in place with to provide the same exact service across business units. Not only did this present a clear duplication of asset allocation, it represented a security and compliance risk to the organization with the potential for company value-altering penalties. Through policy enforcement, they were able to standardize on across the enterprise and eliminate potential risk.

The cloud debate is over. Nobody argues as to whether the cloud offers greater business performance or value. The cloud is opening up new possibilities to organizations across the globe and enterprise platforms residing in the cloud can now elevate an organization’s capabilities at a fraction of the cost. The last point of contention, security, has also proved to be a non issue and in fact, is now a primary motivator for cloud adoption. When it comes to assuring the protection of data, the enterprise has embraced the idea that it’s more about people and policies than outdated protocols.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.