eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
110 Cloud Services Enterprises Are Most Likely to Blacklist
2Dropbox
People generally take the path of convenience over security. Dropbox allows users to easily share files with anyone, and typically users don’t think about security. Inviting people to share files that are too large to email seems like a good idea, but when someone leaves the company or group, they still have access to the files. Banning the app won’t work because users will find a way around it. Encrypting the files and applying persistent security to them will prevent people who are not authorized from accessing the content within them. —Ron Arden, vice president of data and software security developer Fasoo
3Angry Birds
While Angry Birds doesn’t appear to have any behaviors that leak corporate information, Chinese versions of Angry Birds 2, have been reported as potentially infected by the iOS XcodeGhost Malware. It’s important that companies keep their employees updated and aware of mobile threats, especially surrounding apps with numerous versions. Other than the malware threat, some companies choose to blacklist popular games due to productivity concerns, especially on corporate owned devices. —Domingo Guerra, president of mobile app risk management provider Appthority
4Facebook
We have found that Facebook is the most popular app on employees’ mobile devices. It may be blacklisted, but employees are still going to find a way to use it. In such instances, it’s better to look at the behaviors and features of the app and determine if it goes against corporate policy. —Domingo Guerra, president of mobile app risk management provider Appthority
5Microsoft OneDrive
If companies want to be protected against dangerous EFSS apps, having an enterprise control system of some kind is required–and with proper policies implemented. In short, security issues related to EFSS app use occur because of a lack of in-place company policies that govern said activity. Another element that is usually missing is an actual security system that would put into place access, policy and encryption that would automatically control the flow of sensitive data into an EFSS solution with the desired precautions (encryption and policy) applied prior to the file departing the premises. —James LaPalme, vice president at data security provider WinMagic
6Google Drive
Enterprise key and policy control is mandatory. Enterprises need to deploy, manage–and most importantly, control–the security solution that governs the encryption and policies. This should not be placed in the hands of a third party, but should be managed internally. —James LaPalme, vice president of data security provider WinMagic
7Box
Seamless and transparent security is needed for EFSS solutions, such as Box. The best way to secure them is through encryption, but it must be used correctly. Encryption that is implemented at the endpoint, and then implemented into an EFSS system, is the best approach for security for applications like this. —James LaPalme, vice president at data security provider WinMagic
8WhatsApp
This popular mobile messaging app allows people to share information easily across mobile platforms, including links to documents that may contain sensitive information. Since this isn’t controlled by IT, people could inadvertently or deliberately share information with the wrong person. If you encrypt the files where the links point and apply persistent security to them, only authorized people could access them. That will eliminate the risk. —Ron Arden, vice president of data and software security developer Fasoo
9Twitter
Much of the chatter surrounding Twitter is tied to corporate policies around data sharing. If companies recognize any sort of malicious activity or behavior, they should restrict mobile communication to only secure and approved apps. Industries that face strict regulations on data leakage or data security practices (such as proper encryption) often restrict or blacklist certain chat, messaging, and communication apps. —Domingo Guerra, president of mobile app risk management provider Appthority
10Skype
This is a great tool for business productivity and makes it easy to send files to anyone, anywhere, on any device. If not controlled, a company could lose confidential files through a few clicks. Applying strong encryption and permission controls restricts access to authorized users, so if a file got into the wrong hands mistakenly, it would be useless. —Ron Arden, vice president of data and software security developer Fasoo
11SugarSync
EFSS solution usage is exploding and offers a quick, easy and economical way to sync and share files. The security solution should be enterprise-controlled and implemented while remaining seamless and transparent for the user. Only when an unauthorized user gains access to a file should anyone really know that the file has encryption applied. —James LaPalme, vicepresident of data security provider WinMagic