Kevin Jones, vice president of public sector at Campbell, California-based cloud security access broker Skyhigh Networks, has said government agencies should adopt cloud-based controls to ensure visibility into data and protect them from security vulnerabilities and other cyber threats.
Jones wrote that deploying cloud security controls seeks to enforce a use policy “regardless of how an employee accesses the cloud.”
He discussed the emergence of “Shadow IT” and its relation to data loss in the government as well as risks associated with the use of “unsanctioned” services by employees to process sensitive government files.
He also cited the importance of having visibility into employees’ activities in cloud environments.
“As a baseline, gaining visibility into all cloud activity will help enable the right types of behavior with the right cloud services, thus expediting safe cloud migration,” Jones noted.
“Furthermore, data security must be paramount from the early stages of cloud application development.”