(Note: This article is a repost from Security Intelligence)
If you haven’t played the new “Pokemon Go” game yourself, someone close to you definitely has. The game has gone viral since its release, and it has people out in droves wandering around neighborhoods looking for Pikachu.
Five Lessons From ‘Pokemon Go’
In the workplace, cloud apps such as “Pokemon Go” are wildly popular — and have been for a while. We all want to play, but CISOs must consider some general security requirements to be both efficient and safe.
Here are five requirements from “Pokemon Go” that can be applied to adopting cloud apps in your organization.
1. Visibility Is Essential
There are lots of Pokemon out there, but which ones are best for your needs? Having a good view of all the apps in use within your organization will not only help understand what needs your employees are looking to address, but also provide insight into where you might need to take corrective actions.
For every Blastoise, there are ten Magikarp. Pick the apps that address the right balance of functionality and corporate security requirements.
2. Connectivity Matters
Games are no fun if you have to enter a long, complex password every time you want to play. The same goes for cloud apps. You need to ditch the passwords in favor of a federated system that enables strong authentication but does not require employees to enter long passwords or write complicated ones down on sticky notes.
3. Policies Must Be Enforced
One of the great things about “Pokemon Go” is that it gets kids (and parents too) out of the house and active. This is great, but some rules have to be followed. You wouldn’t want your kids wandering around in strange neighborhoods or out all night.
This also applies to cloud app usage. Policies have to be in place to ensure apps are used within corporate guidelines, ensuring safety for both the employee and the organization.
4. Have a Mobile Strategy
Cloud apps such as “Pokemon Go” are designed to be used on mobile devices. When deploying cloud apps to the enterprise, you have to consider mobile devices as a primary platform. It requires the same security safeguards and user experience that your employees on laptops behind the firewall have.
5. Education Is the Best Defense
Educating your employees raises their combat power (CP) to defend against threats. The more employees know about appropriate app usage and the potential threats, the lower the chances of their being taken down by Charizard — or an easily defeated cyberthreat.
Remember, just like with “Pokemon Go,” the key to success is to stay active and vigilant. Taking an active security role makes cloud applications safer for everyone.