Welcome!

@ThingsExpo Authors: Zakia Bouachraoui, Pat Romanski, Roger Strukhoff, Carmen Gonzalez, Yeshim Deniz

Related Topics: @CloudExpo, Cloud Security, @ThingsExpo

@CloudExpo: Blog Post

How Free Apps Can Destroy an Organization By @IanKhanLive | @CloudExpo #Cloud

How popular apps with a dark side may open the doors of destruction for your organization before you grab your morning coffee

How to Destroy an Organization in Three Ways with Nothing but Free Apps

I didn't want to be so dramatic, but I couldn't help but be completely honest as well. The end possibility is that your entire organization may suffer the fate as Sony Pictures, Target, Anthem and others that have been shaken by hacks and vulnerabilities in their networks. In some cases it has been analyzed that hackers sat in for months stealing data, until they chose to tell everyone about their presence. That's probably one of the reasons that websites like WikiLeaks are constantly able to churn document after document, exposing one thing or the other. Without supporting any of these and staying neutral, enterprise IT does face a daunting task of protecting the fort from everything out there. It's not that enterprise IT is not doing their job. The fact remains that end users within organizations are causing a huge disruption by adding consumer-level apps to their work life. The advent of BYOD and a harmless Wi-Fi connection to your work Internet is all that is needed for the hacks to start happening.

Document Sharing Applications
Consumer grade applications such as Google Drive, Microsoft Sky Drive. Box.net, and Dropbox are amazing applications. You get a tremendous amount of storage space online, they integrate with your Android or Apple phones and essentially provide a high level of convenience for the consumer. In the business environment, they open up a loophole that's an IT department's nightmare. Apps like Dropbox within an enterprise keep a door open for anyone that a document has been shared with. Once employees leave the organization they may still have access to the links, which even if encrypted would render them useless for other users. On the other hand consumer EFSS (Enterprise File Sync & Share) applications like Box are vulnerable due to it not being secure. Yes, the right encryption at multiple levels may reduce the impact. The same goes for Google Drive and others. Mind you we still haven't discussed anything about a private or public cloud. The public cloud framework is excellent, but may not work if you are hesitant to share documents on a server that's not private. Overall document management, EFSS and consumer grade solutions pose the highest risk for any organization. The problem is also that multiple users will create accounts and use different solutions, so it's not uncommon to see users within departments uploading documents on multiple file sharing websites.

Social Applications
Social applications such as Facebook, Twitter and WhatsApp are changing the way we communicate. I use all three for different things and I can't get enough from all of them. Although highly useful, many such applications may pose a risk to your organization's security in many ways. For social media users it's more a matter of policy and to be able to get users to follow protocol when in their corporate environment. Twitter and WhatsApp are apps that need more of an IT usage policy and governance for sharing links, documents and other enterprise digital assets. Of course add-on applications on Facebook may not offer the highest level of security and in fact may be a loophole for spammers and malware cybercriminals to get into your organization and take away from the productive time your employee could have. The effects of malware on employee productivity are highlighted in the Ponemon Institutes Research Report, which mentions that phishing scams can cost an average organization as much as $3.7 million in lost productivity time.

Gaming
Games are addictive and I personally don't believe that we should stop playing them. However, we do need to be selective with the games we download. Here is an example. While Angry Birds may have been one of the most popular games of all times, a Chinese version of the game has been reportedly infected with the XcodeGhost Malware. On the Apple China store, over 25 more games and apps have been compromised by the malware. This is just one incident where a vendor took responsibility. There could be many more that we don't even know about yet. Using any affected app on a smartphone or device that is being used in the enterprise environment opens the door to malware spreading to other machines and devices. The potential threats could be the opening up of ports, time-activated viruses or opening the doors for cybercriminals to sneak in.

Where to Go from Here
Determining and securing all risks to the enterprise at an IT level is a challenging task. This is constantly being made more difficult through decisions and vulnerabilities that employees are making, most of the times in good faith but without the right information. Unfortunately such actions sometimes cost us millions of dollars to undo the damage. For IT managers it's a challenging time ahead as our technology mix evolves to be more complex, and for users it's a time to reflect upon what they use and why. There is definitely a growing need for end users and policy makers to work together and collaborate for a more stable and stronger organization.

More Stories By Ian Khan

CNN Futurist, Forbes Contributor, Author, 3 Time TEDx Speaker and Technology Futurist, over the last 20 years Ian Khan has had the privilege to serve the needs of over 5000 organizations by fueling their growth through technology solutions. He has helped a diverse set of businesses ranging from Technology Companies, Oil Companies, Power Generation & Renewables Operators, Microsoft Ecosystem Partners, SAP Customers and Partners, Healthcare Providers, Manufacturers, Facility Operators, Startups, Educational Institutions, Nonprofits & associations and more. Ian’s experiences with these organizations led him to a unique position of being able to identify the common challenges of growth for all these organizations. The bottom line as he found out, is that we all are hungry for success and want to grow and make a difference. Where we fall short is by failing to understand our environment and taking the right action within that environment. After 20 years serving the needs of the industry Ian’s natural pivot was to answer his calling and help organizations at a broader level understand what tomorrow brings. His work and study of all these organizations brought forward very unique perspectives that he now share through his work. Today, hands down, we live in the great time for humanity. Technology is a great thing, but it also has its victims. Many organizations of tomorrow will fail under the pressure of a fast changing world, much of which is fueled and driven by technology. Ian’s mission is to help organizations avoid that pitfall, and propel themselves into success in today’s era and go from digital disruption to digital transformation in the fastest and most sustainable way. This is the only way, according to him, we can together create limitless value, create solutions that are faced by us locally as well as by others around the globe, and make the world a happier place. Today Ian’s work spans working with people by delivering keynotes, consulting and by promoting his 7 –Axioms methodology through his book and workshops. He is also working on an ambitious project of releasing a documentary in spring of 2018 called Industry 4.0. Industry 4.0 will capture the thoughts and insights of some of the world’s leading thinkers and help us understand the 4th Industrial Revolution, Its Impact, and how we can all be have an opportunity to be part of the emerging future and make the right choices. For more information please visit www.iankhan.com

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
AI and machine learning disruption for Enterprises started happening in the areas such as IT operations management (ITOPs) and Cloud management and SaaS apps. In 2019 CIOs will see disruptive solutions for Cloud & Devops, AI/ML driven IT Ops and Cloud Ops. Customers want AI-driven multi-cloud operations for monitoring, detection, prevention of disruptions. Disruptions cause revenue loss, unhappy users, impacts brand reputation etc.
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility.
Today's workforce is trading their cubicles and corporate desktops in favor of an any-location, any-device work style. And as digital natives make up more and more of the modern workforce, the appetite for user-friendly, cloud-based services grows. The center of work is shifting to the user and to the cloud. But managing a proliferation of SaaS, web, and mobile apps running on any number of clouds and devices is unwieldy and increases security risks. Steve Wilson, Citrix Vice President of Cloud,...