You’ve seen “the glaze”. The glaze occurs during discussions with non-technical people. You may encounter the glaze when explaining the merits of 2-factor authentication. The glaze is common while discussing Chrome Sync browser subtleties. A “smile and nod” often accompanies “the glaze”.
Let’s take computer security, for example.
A security expert might discuss authentication, access control lists, encryption, and trusted platform module hardware systems. This will almost certainly induce “the glaze” from non-technical folks.
“The glaze” means people don’t understand. We need to simplify things to gain understanding.
Overcome the glaze
Let’s try this using our computer security example with Google Apps.
Much of computer security can be boiled down to management of access, sharing, and storage. Let’s take a look at each of these, along with a Google Marketplace solution for each that can increase your organization’s security.
Access to Google Apps depends on a Google account username and password. Two-factor authentication requires you to enter a 6-digit code found on something else you have (e.g., your phone). Google Apps now lets you require users to use 2-step authentication. This works well for managing access to Google Apps.
OneLogin lets you manage user access to many web services. Add a user, specify that they need access to Google Apps, Salesforce and other services. OneLogin works with many web applications, as well as legacy systems, such as Microsoft’s Active Directory services. Centralized authentication and access management is essential for security. Pricing is $5 per user per month, with discounts for education and non-governmental organizations.
Sharing information from Google Apps can be limited. For example, sharing of documents outside the domain can be restricted. Similarly, sending email outside the domain may be prohibited; this can be especially beneficial for student accounts assigned in an educational setting.
zSentry may be of interest to organizations needing increased email security. They provide a solution that works with Google Apps and Gmail accounts to encrypt email and files. Equally useful is the fact that their solution supports mobile devices. This may be of particular interest to organizations in the healthcare and medical communities, as they assert their solution is HIPAA compliant. Pricing for this version costs $79 per user per year, with discounts for increased numbers of users.
Storing documents locally can also be restricted. Google lets you prohibit users from using offline docs. You can also prevent users from installing Google Drive for Mac/PC. Neither of these options, however, prevents users from downloading an individual Google Doc.
CloudLock helps administrators review and manage Google Docs sharing settings for the entire organization. The system can scan Google Doc sharing settings. Administrators can adjust sharing permissions to protect sensitive information. Sophisticated rules and policies for sharing among different groups can be deployed. The system provides a detailed audit log of changes. CloudLock for Google Apps costs $19 per user per year, with discounts for government, education and non-profit organizations.
Google Apps + Marketplace
Google Apps provides effective controls to manage user access, sharing and storage. Solutions from the Google Apps Marketplace help increase security and manageability. These solutions add cost, but may be essential for organizations in fields such as health care or law.
Of course, no solution will ever prevent intelligent, determined individuals from obtaining sensitive information. But you - and the non-technical managers at your organization - need to take steps to ensure that proper precautions are taken.
The first step toward achieving greater security is understanding the problem, which means explaining the issue to non-technical users without seeing “the glaze”.