Cloud App Policy
Cloud app policy refers to policies and procedures put in place by enterprises to ensure that the usage of cloud applications by employees complies with the overall corporate security plan as well as regulatory requirements.
Policies Range From Minimal to Highly Restrictive
The cloud app policies put in place by companies can range from minimal restrictions to highly restrictive, blocking almost all cloud app usage. Many companies have started looking for something in between these two extremes, seeking more fine-grained control of their cloud app policies.
This level of control typically permits use of a wide range of cloud apps but with specific restrictions placed on how and when certain activities can be performed by employees. These types of cloud app policies are designed to protect intellectual property and sensitive data from data loss or leakage from cloud apps without needing to block the usage of apps completely.
Cloud App Policy Examples and Reporting
As an example, a flexible cloud app policy might permit the general use of a specific cloud app while blocking its use after work hours or preventing the sharing or uploading of documents likely to contain confidential corporate information.
A variety of software vendors and software-as-a-service companies have launched cloud app policy suites that will help companies enforce their cloud app policies. These cloud app policy solutions often offer unified reporting consoles that provide detailed and real-time reporting on cloud app usage by time, user, department level or similar measurable.
Related terms: Cloud app, cloud computing and Cloud Computing Security Challenges
Read Also:
- GameOver Zeus
GameOver Zeus is a sophisticated evolution of the ZeuS malware that cybercriminals created to steal usernames and passwords from users on infected systems. GameOver Zeus, or GOZ, initially spread via a malicious spam and phishing campaign that sent out e-mails appearing to come from reputable organizations such as the Federal Reserve Bank, the Federal Deposit […]
- Data Loss Prevention (DLP)
Data loss prevention, or DLP, refers to technology or software developed to protect and prevent the potential for data loss or theft. Data loss protection software is designed to monitor, detect and prevent the loss of data while it’s at rest, either in on-premises storage drives or in the cloud, as well as when it’s […]
- Cridex
Cridex is a sophisticated strain of banking malware that can steal banking credentials and other personal information on an infected system in order to gain access to the financial records of a user. The Cridex Trojan Horse spreads by copying itself to mapped and removable drives on infected computers. Cridex creates a backdoor entry point […]
- Web Scale IT (Web SCale Infrastructure)
Web-scale IT is the phrase used to reference a global-class of computing — or architectural approach — used to deliver the capabilities of large cloud service providers within an enterprise IT setting. The approach is to design, build and manage data center infrastructure where capabilities go beyond scale in terms of size to include scale […]
- Dridex Malware
Dridex is a strain of banking malware that leverages macros in Microsoft Office to infect systems. Once a computer has been infected, Dridex attackers can steal banking credentials and other personal information on the system to gain access to the financial records of a user. Dridex operates by first arriving on a user’s computer as […]