Let me set the scene: You are a solution provider, let’s say a managed services provider, supporting an SMB with about 150 seats. You secure their on-premises data, monitor their infrastructure, run their BDR, and are helping them prepare to take some content to the cloud. Then suddenly, that customer’s sole IT guy says: I think some of our end users are putting stuff in the cloud, but I don’t know for sure.
You break out into a cold sweat. Why? Because we all know the new saying that once it’s on the Internet, it is always on the Internet, and data in the cloud is sort of the same. Apparently, you are not alone in this nightmare because a new survey from SailPoint shows that in many cases, IT departments have no idea what data is actually in the cloud or what applications are being used in the workplace. In fact (this will make you cringe), 34% of the respondents say they don’t bring IT staff into the vendor selection and planning process when a cloud application is procured using another budget. That makes for a bad day all around.
If that wasn’t bad enough, how about this: SailPoint’s survey found that end users have more and more autonomy to deploy cloud applications without IT involvement, BUT they don’t manage access control to those applications. Seventy percent of the survey takers believe their IT department is ultimately responsible for managing user access to cloud applications (at least some of those folks have to be part of that 34%, so this is particularly troubling). And last, but not least, more than 14% of respondents admit they have no idea if sensitive data is stored in the cloud.
All of this provides some interesting fodder if you are looking for an icebreaker with your customers – to talk about security, application control, access control or cloud. Keeping them aware of the pitfalls is as much a part of the sales pitch for your services as actually resolving those pain points. You can read more about this survey, and perhaps take additional notes that can help you educate your customers, by clicking here.