In times gone by, a misplaced laptop or dropped USB key containing reams of unencrypted confidential data represented the worst nightmare of many IT security managers. Today, irresponsible sharing of documents in the cloud is emerging as an equally important threat, providing opportunities for channel partners such as BetterCloud to introduce value-added security features for cloud information management. The company recently announced an enhanced version of its FlashPanel security platform for Google Drive, signaling the deep--and ironic--need for better security functionality in the cloud.

Like many IT infrastructures, the Google Drive service apparently was not built with rigorous enterprise-class security measures as a first priority. The platform certainly provides basic security and privacy features, but it offers few tools for preventing users from sharing files in ways that might violate company security policies or jeopardize confidential data.

BetterCloud aims to address those concerns with an updated version of its FlashPanel platform. Previous versions of the software allowed administrators to perform tasks such as monitoring the amount of storage space acquired by each user and assess sharing policies on files in Google Drive. Now, according to the company, the latest FlashPanel release "gives Google Apps administrators the ability to push out compliance to front-line employees and their managers, thereby enabling and empowering every employee to take ownership over their own security."

In particular, new features include the ability to:
  • Configure sharing policy per user, org. unit or entire domain
  • Create policy around who can share what with whom and how
  • Publicly, publicly with a link, externally, within the domain, within the domain with a link
  • Prohibit or allow specific domains through black/whitelisting
  • Notify manager of policy violation
  • Notify user of policy violation
  • Transfer document ownership
  • Change document editors to view-only
By enhancing the native feature set of Google Drive in this way, BetterCloud is responding to a growing need for more granular and extensive security functionality in one of the world's most popular, and accessible, cloud services.

The More Things Change...

And it's perhaps a little ironic that the cloud, as the newest frontier in computing, should have to depend on third-party, value-added products to provide security features that have been so deeply embedded in traditional computing environments for many, many years. Virtually every serious operating system released in the last several decades has included native support on local file systems for most of the functionality that FlashPanel adds to Google Drive. Even my archaic, wildly outmoded flip phone is based on a Unix kernel that lets me set file permissions.

But again, one of the pitfalls of the cloud, which the channel seems only now to be grasping fully, is the lack of powerful, out-of-the-box security features for controlling and monitoring who has access to which files. That shortcoming might seem silly, given the prominence of data sharing and syncing as one of the cloud's most important applications. But it also reflects a familiar trend in the IT world, where it's often more fun to build new features than to make sure they're secure. As long as that tendency endures, BetterCloud and others like it will enjoy myriad opportunities for implementing value-added security features on popular cloud services.