Welcome to Brown’s Bytes! Your weekly insight from Mobliciti’s CTO Andy Brown. Follow #brownsbytes
5th July 2019
I keep teasing about iOS13, but this week I need to first talk about the amazing news that rather went under the radar – the fact that WeTransfer had a “security incident” in June.
More detail on the story here, but in summary… they sent shared data to the wrong recipients.
This is pretty fundamental stuff for a file sharing platform!
Now in the Enterprise space I expect a number of readers will be somewhat ambivalent – the usual response I see to incidents like these is something like ‘We don’t use WeTransfer’. To which I’m going to have to point out:
HOW DO YOU KNOW?
This is classic Shadow IT with respect to cloud services. Now, you may say that your organisation simply blocks access to cloud storage services with your proxy.
And that is a level of control…. until it isn’t! We often see IT setting policies like this – we block access to file sharing on our proxy.
Ahhh, but then along comes an important client who has shared data with your users using something that is blocked… suddenly your users need an exception to get hold of this data. And now you’re down the rabbit hole of proxy rule exceptions for specific users… which build up over time and become an unmanageable nightmare. Usually the exceptions are never removed, they just build up over time and once a group for an exception is created, then its somehow easier for the next person to be added to it.
So, the proxy is now overridden – worse it has been overridden at the site level, your users can now do anything on that site – including upload.
SHHHH – DON’T MENTION THE MOBILES
But you see I have to! Many organisations are still looking at their desktop security solutions as defining their controls, despite their users also having a mobile device in their hands, and this device often doesn’t have any similar kind of security control over where it can go on the internet.
This is often the dirty secret of mobile – it’s still being treated as just an email device like a BlackBerry was more than a decade ago, unfortunately smartphones can do a LOT more than that.
And your users have worked this out – if you block access to something on the desktop, but they need to get access to get their job done, you don’t have to be a genius to see what they do next…
A BETTER WAY…
If only there was a way to move beyond proxy and get complete control over ALL cloud services from ANY device (including mobile)…
Yup – this is our partner Netskope, and you really do need to get in touch to learn more about this. As organisations tip over into consuming more and more cloud services (both sanctioned and unsanctioned), it allows you to redefine how security is applied across all cloud services from both trusted and untrusted endpoints.
Oh and in the case of WeTransfer (even before they sent the data to the wrong recipients), you only have to read their Terms and Conditions to see why Netskope give this a low Cloud Confidence Index (CCI) score – for example:
WeTransfer requires a license from you with regards to the Content for the sole purpose of operating, enabling and improving the Services and to develop new ones. You agree and acknowledge that by using the Services, you grant us an unlimited, nonexclusive, worldwide, royalty-free, sublicensable, transferable and assignable license to use, host, store, scan, search, sort, index, reproduce, communicate, publish, publicly display, distribute and edit (including but not limited to scaling, cropping, adapting, translating and creating previews) the Content until you delete the Content from the Services.
Netskope CCI is the tool you need to control cloud security effectively, and that means you can create policy based on behaviour and data flow rather than just whitelisting and blacklisting. Get in touch if you want to find out more.
I’ll get off my soapbox now – back to iOS next week!