Cloud-based applications and security: Not a match made in heaven
Try this: do a quick search on Google for this string of words: security, cloud, application. Chances are you’ll get something like 234 million results.
The trend to cloud-based applications is well established. However, along with the move to the cloud for applications for business productivity tools (and many other uses) comes a real concern about security.
In a recent op-ed on CRN.com (a news site devoted to news for solution providers), Chris Willis writes about the threats to cloud-based apps. Willis, who works at security solution provider Sayers, writes that there are “major issues” with using cloud apps: “There is the potential for data leakage with cloud-based applications, and some, such as file-transfer and data management apps, introduce another avenue through which threats can enter the corporate environment.”
Imagine a scenario where documents are stored in cloud-based apps. It may be convenient for several reasons (for instance, for offsite access or group sharing). However, as Willis notes in the op-ed, file-sharing apps such as Dropbox or iCloud, just aren’t “enterprise grade.”
In many companies, storage of contracts and contract-related documents can be scattered widely across an enterprise. A contract generated in procurement and vetted by legal may then be reviewed by the Chief Financial Officer (or someone in that department).
Would someone in one of those departments be tempted to store work documents on a file-sharing app for remote or home access – or merely as a backup? It’s certainly possible.
All someone would need to do to get access to these sensitive documents is get a name and password to that account. Not impossible – especially if someone is using nefarious malware such as a key logger. These days cyber criminals are a sophisticated bunch, employing many tools and real determination to get sensitive company data. Contracts certainly qualify as very sensitive data.
When you use a contract management solution such as Contract Assistant, you can rest easy when it comes to concerns about cloud-based applications. Contract Assistant is client/server based, and once installed, the software sits behind the security and firewalls of your company.
There are other security-conscious features as well. In the Enterprise edition, administrators can set read/write or read-only permissions for different users. Administrators/managers can even set viewable and non-viewable fields for different users.
Willis writes in his op-ed that what’s needed is next-generation firewalls to make cloud-based apps truly safe in enterprises. This is certainly an option. Or … you can try a much simpler route and use a solution such as Contract Assistant.