How many third-party entities have access to your data through software installed in your machines? How many host sensitive information on shared servers or multi-tenant infrastructure that you do not control? How many have already lost, through data breaches, the passwords that your staff uses (or reuses) everywhere?
Dropbox maybe? Okta? LogMeIn? GoToMyPC? LastPass? 1Password? And what about…
Yahoo!? (500M accounts lost) | Heartland? (134M) | Avast? |
Marriott? (500M) | Target? (110M) | Orbitz? |
LinkedIn? (164M) | Facebook? (87M) | the IRS? |
Equifax? (143M) | Adobe? (38M) | T-Mobile? |
| eBay? (145M) | Experian? (15M) | Zoom? |
There's one thing you can be sure of. Nobody cares... if you don't.
Entrusting data and processes to third parties online is worth the limited risk for MS 365®, Google® Workspace, and for your Line of Business applications, but not worth the higher risk for critical tools and sensitive information.
Setting up your own Remote Management and Monitoring system on a hardened single-tenant server that you control is the “safer” way to maintain your fleet of PC's and support your users.
No need for Kaseya®, Solarwinds®, Connectwise®, and the likes who expose their clients to supply chain attacks and ransomware.
Setting up Zero Trust or a self-hosted VPN server with two-factor authentication is the “safer” way to let remote users access Windows® applications, virtual desktops, SMB shares, and PC’s on-premises. No need for LogMeIn® and the likes.
IAM/SSO is free with your MS365 or Google Workspace subscription. No need for Okta and the likes.
Self-hosted Open-Source alternatives* to all these and LastPass®, Dropbox®, or Carbonite® do not cost much to set up, protect and maintain.
You can seamlessly encrypt at the source the files that you save on public cloud storage.
You should tightly monitor the way users make use of their “cloud identity.”
With a good password strategy and appropriate tools, your employees’ credentials can be unique, complex, available everywhere and tracked as they change through time. Passwords will not be copied on loose paper and need not be known or remembered.
*Some of the most powerful and popular alternatives to Saleforce.com®, Zendesk®, Basecamp® or Netsuite® are free Open Source software which you might also consider.