Does IT lose control of business services in the cloud?
A question: who participates in decision making when cloud services are taken to use?
Until now all decisions related to software acquisition had to involve IT, as they deployed and maintained the software. Cloud changes this in many ways and the question is: does IT need to be involved if we start using something that is purely in the web?
The easy answer would be integrations, as many business systems need user, customer or other information from existing systems. But not all of them do. For example, it is very easy to start using a new collaboration platform in a team or a project just by inviting team members there. So what’s the problem?
If an employee leaves the company, access to business systems must be denied from him for confidentiality and security reasons. What happens if your new product development project information is suddenly in the hands of an employee working for a competitor? Now consider the cloud: user will be able to access cloud services anywhere outside the company network, and often with credentials created for that system only. Who takes care of this?
The problem is that responsibility for managing access permissions is not something that happens naturally. If the responsibility is spread around the company, it will be difficult if not impossible to implement policies that guarantee confidentiality.
IT needs to wake up to take initiative and implement proper policies before things start hitting the fan.
Just remember this: one of the main reasons for business acquiring cloud services is the fact that it’s easy. Don’t make it difficult to acquire cloud services, but make sure that confidentiality and security issues are taken care of.
|
