When it comes to cloud applications, ignorance is not a defence, says Jon Hamlet, country manager at Symantec.

When it comes to cloud applications, ignorance is not a defence, says Jon Hamlet, country manager at Symantec.

Cloud computing enables quick implementation of new business ideas, but it also introduces potential security perils as employees engage in shadow it, bypassing the company's IT policies.

ITWeb and T-Systems, in partnership with Symantec, are running the Shadow IT Survey 2017 to determine, among other things, the current business attitude towards cloud services.

"We have found that organisations have hugely underestimated their exposure to apps, which could have inherent risk to business. Typical organisations estimate their exposure to be under 50 applications, where the reality (post-audit) indicates that exposure could be as much as 10 to 15 times that," says Jon Hamlet, country manager at Symantec SA.

Hamlet advises companies to conduct a shadow IT audit to get an accurate reflection of their cloud application usage. This enables implementation of effective strategies for cloud adoption, he says.

Ignorance not a defence

When it comes to cloud applications, ignorance is not a defence, according to Hamlet.

"Consider this: all cloud applications communicate using a peer-to-peer or client server model, meaning that there is information exchange typically over an encrypted communication channel on the Internet.

"If a business believes it is only consuming 50 applications and the reality shows up to 750 applications, it means that there are 700 ways information can enter and leave the environment without business even being aware of it – this means 700 ways of possible infiltration and exfiltration of information."

Furthermore, there is a possible effect on employee productivity, he warns. "If users are utilising unsanctioned applications that do not relate to their business functions, a significant portion of the individual's time may be wasted, which translates into productivity costs to business."

According to Hamlet, SA is lagging behind the international curve from a cloud adoption perspective.

"The requirement for shadow IT solutions like audits and enhanced security of platform as a service and software as a service solutions only become apparent once these applications are operationalised," he adds.

Hamlet points out that a good case in point is the rapid adoption of Office365 locally.

"This has led to many businesses struggling with regulatory compliance around standards like protection of personal information and PCI. I do, however, foresee an acceleration of adoption of these solutions over the following six to 18 months."

Cloud boosts shadow IT investment

Hamlet foresees "a massive drive towards cloud locally" in the next couple of years.

"Once 5G communication becomes commercially available, I believe there will be a massive disruption in which the paradigm of the old business WAN requirements will fall away."

Hamlet concludes: "Moreover, business can then provision a mobile connection to users at far lower cost and greater speed than conventional WAN technologies, thus eliminating the need to maintain an opex-heavy network environment. A natural progression is then to adopt cloud applications for business functions, removing the need for data centres."

Complete the Shadow IT Survey Survey 2017 and stand a chance to win a Nespresso Citiz coffee machine.