Restrict access to cloud services, businesses urged

Tuesday 8 January 2013

Businesses need to ensure they exercise full control over who is able to access their cloud services and applications, it has been suggested.

Writing for Network World, David Geer of CSOonline said a failure to "check IDs at the door" is creating unnecessary risks for many organisations.

He claimed that the only secure way to log in to the cloud is through enterprise identity management systems (IMS).

Mr Geer said many cloud services permit "just about anyone" in the organisation to sign themselves up, create their own IDs and passwords without registering these with the enterprise.

They are then able to connect these credentials to personal email addresses, he noted.

And while this may be convenient for individuals acting in good faith with the required authority, businesses should not allow this to happen.

John Thielens, chief security officer of Axway, said it is all too easy to start out this way.

He told the news provider that failing to integrate with enterprise IMS will leave the organisation open to leaks, policy violations, and ultimately unable to secure the cloud.

Posted by Alex Boardman