Valiant GS

Valiant Global Solutions

Sunday, June 21, 2015

How to mitigate Rogue Access with ConnectID and ShareSync

Mitigate Rogue Access with ConnectID & ShareSync

According to Valiant Global Solutions' 2014 SMB Rogue Access study, 68% of ex-employees stored work files in personal cloud storage and 89% of ex-employees retain access to their corporate apps! That’s probably because services like Dropbox and Google Docs are so easy to use and so many users provision apps without IT’s knowledge.

What’s the solution?

1.   To prevent Rogue Access, you need cloud storage that’s just as simple to use, but built to give IT business-grade control over access and permissions. We recommend ShareSync by Valiant Global Solutions. ShareSync is an integrated file sync and share service that offers simplicity and mobility without risking control or protection. Watch the short demos below to see how ShareSync works and how it can help prevent Rogue Access.

ShareSync Syncing Features

ShareSync Folder Collaboration


ShareSync File Sharing


ShareSync Outlook and Office Integration


ShareSync Security and Control Features

2.  A single sign-on (SSO) portal helps solve the problem. SSO lets users save all their apps into a single launchpad. This makes the cloud simpler and more secure for users. More importantly, it gives IT visibility into all the apps that employees use. This makes it easy to spot unknown services and flag them for deprovisioning. We recommend ConnectID by Valiant Global Solutions. ConnectID is a Single Sign-On portal that provides users with a single point of access to ALL their web apps with just one click and just one password. Watch the short demos below to see how ConnectID works and how it can help prevent Rogue Access.

ConnectID Overview


ConnectID Managing SSO (Single Sign-On) for Applications and Users


ConnectID Installing and Getting SSO (Single Sign-On) Started for Users
ConnectID Adding Custom Applications for SSO (Single Sign-On)

Visit our website for more information and view our IT product offerings & pricing



Sunday, June 14, 2015

Procedures to help prevent Rogue Access (checklist)

Best practices for tracking access to IT systems

Osterman Research recently surveyed knowledge workers about their access to former employers’ IT systems.

An incredible 89% of respondents retained access to at least one system—such as Salesforce, PayPal, email, SharePoint and other sensitive corporate apps.

Key Osterman Research recommendations include implementing best practices for managing employee access to IT services as well as a rigorous IT offboarding process for departing employees.

This blog presents a template for bringing these practices to your company. It includes guidelines for setting up internal processes as well as specific actions to take when onboarding and offboarding employees.

In addition, it includes recommendations specific to regulated industries such as financial services, legal services and healthcare.

The first step to preventing unauthorized access by current and former employees is to develop a complete understanding of your IT landscape and the access privileges within it.

IT systems access recommendations

  1. Establish a security and compliance group within the company. This group should monitor two key areas: 1) who has access to which IT services and 2) how information is being accessed and shared. You should build this group’s role into broader IT policies so that alerts can go out when a policy has been violated. This group should provide compliance and security training to employees on a quarterly/yearly basis.
  2. Put in place a clear set of company IT policies. This includes policies on app usage, a list of approved sites and services and a list of approved software and apps that employees can use. Also, require that employees use company-provided logins for these apps instead of personal logins.
  3. Provide role-based access to applications. Create a stringent approval process for all services, apps, and equipment that employees need. Employ two levels of approval for each request: approval from the employee’s direct manager, as well as a VP or account owner. Keep records in a centralized database, so you have a clear “paper trail” of all services and equipment given to each employee.
  4. Create a central repository for admin logins and passwords. Don’t give users admin rights to their laptops. Instead, require employees to log tickets with IT to get access to download new software.
  5. Eliminate shared logins/accounts. Assign accounts to one person whenever possible. If you have to use a shared account for budgetary reasons, make sure you rotate out the password on a monthly basis and employ strong password policies.
  6. Conduct regular audits. Audit all your user accounts (LDAP, Active Directory, all apps) regularly. Have a single place for running audit reports and searching for users. Make sure you track all the apps being used—regardless of department— so you know who’s paying for them, who “owns” them, and what access and control IT has.
  7. Regularly inquire with the finance department about the contracts that are in place with external vendors. This is a great way to identify web applications that might be in use by the company but did not go through IT.

Employee onboarding recommendations

  1. Set up your accounts in Active Directory, and make sure all cloud apps are SAML authenticated. This gives you one central location to manage employee accounts. It also makes it faster and easier to provision and de-provision employees.
  2. Use unique identifiers when creating new employee accounts. In the system in which you’re creating the account, fill an unused attribute field with the employee’s unique HR-assigned ID number. This way, if a user has different name listings (e.g. J. Smith, Joe S., etc.), it’s easier to find all the apps with which they are associated.
  3. Maintain a distribution list to announce new hires. A distribution list ensures that all key departments (Finance, HR, Facilities, etc.) are notified without fail when someone new is coming onboard.
  4. Run a system audit when employees change departments. Make sure you de-provision access to anything the employee no longer needs in their new role. That way, employees always have access to only those systems and applications that they really need to do their jobs.

Employee offboarding recommendations

  1. Adhere to a strict employee offboarding checklist. A sample checklist is included in this document.
  2. Maintain a distribution list for terminations. Similar to your new hire distribution list, create a list that informs key departments (Finance, HR, Facilities, Legal, etc.) when an employee is leaving.
  3. Direct the email account of a departing employee to his/her manager. Reroute the departing employee’s email account to their manager for the first 2-3 months so that important messages are retained and handled.
  4. Terminate all employee accounts. It is critical to terminate every employee account to every service, both on-premises and in the cloud. If the employee is the primary contact for an online account or project, make sure that contact gets re-assigned.
  5. Review the apps saved in your employee’s single sign-on portal. This is an excellent method for discovering apps that an employee may have provisioned or used without IT’s knowledge. (These “unknown” apps are the most likely to create the risk of post-employment access.)
  6. Make sure to collect all company assets: laptops, phones, ID badges, software, etc. Also make sure you collect any external hard drives or company-owned equipment an employee may have used as part of a home office.
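
The audit, unique-identifier and account-termination steps above can be checked together with a small reconciliation script. This is an added example, not part of the original post or of any Valiant product; the CSV column names (`employee_id`, `enabled`), the app names and all sample rows are constructed assumptions standing in for your own HR and application exports.

```python
import csv
import io

# Constructed sample data: an HR roster and per-app account exports.
HR_ROSTER = """hr_id,name,status
1001,Joseph Smith,terminated
1002,Ana Lopez,active
"""
APP_EXPORTS = {
    "crm": """login,display_name,employee_id,enabled
jsmith@example.com,J. Smith,1001,true
alopez@example.com,Ana Lopez,1002,true
""",
    "file_share": """login,display_name,employee_id,enabled
joe.s@example.com,Joe S.,1001,false
sales-team@example.com,Sales Shared,,true
""",
    "billing": """login,display_name,employee_id,enabled
joseph.smith@example.com,Joseph Smith,1001,true
old.contractor@example.com,Pat Doe,0999,true
""",
}

def load(text):
    return list(csv.DictReader(io.StringIO(text)))

def audit(roster_csv, app_exports):
    """Return sorted (kind, app, login) findings for enabled accounts."""
    status = {row["hr_id"]: row["status"] for row in load(roster_csv)}
    findings = []
    for app, export in app_exports.items():
        for acct in load(export):
            if acct["enabled"].lower() != "true":
                continue  # already disabled, nothing left to revoke
            hr_id = acct["employee_id"].strip()
            if not hr_id:
                # Shared or unowned account: cannot be tied to a person.
                findings.append(("no_hr_id", app, acct["login"]))
            elif hr_id not in status:
                findings.append(("unknown_hr_id", app, acct["login"]))
            elif status[hr_id] == "terminated":
                findings.append(("terminated_but_enabled", app, acct["login"]))
    return sorted(findings)

if __name__ == "__main__":
    for kind, app, login in audit(HR_ROSTER, APP_EXPORTS):
        print(f"{kind:24} {app:12} {login}")
```

Matching on the HR-assigned ID rather than the display name is what lets the script tie "J. Smith", "Joe S." and "Joseph Smith" to the same departed employee.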

Recommendations for regulated companies

If you’re in a regulated industry such as finance or healthcare, you must put extra measures in place to ensure compliance with governmental regulations. Here’s a list of suggestions that regulated companies can implement to better control access to corporate accounts and data.
  1. Eliminate access to outside email/internet.
  2. Restrict access to certain sites/apps (e.g. Facebook) to read-only.
  3. Only allow access to company-approved sites.
  4. Require employees to use desktop machines or dummy terminals.
  5. Don’t allow employees to take laptops or work computers home.
  6. Remove the ability for employees to utilize USB or external hard drives to save data from their computer.
  7. Implement an approval process for all outbound email. This may include requiring approval by a manager before email goes out.
  8. Only allow work email and information to be accessed on company-issued mobile devices.

Download the offboarding checklist today!



Tuesday, June 9, 2015

Do Ex-Employees Still Have Access to Your Corporate Data?

Organizations of all sizes have a problem that most of them are not addressing adequately: their employees store corporate data on various file-sharing and content access platforms and most of these people still have access to this data after they are no longer employees.

Worse, much of this data in what Osterman Research is calling “rogue applications” is sensitive or confidential and many former employees continue to access it and – in some cases – share it with others.

Osterman Research conducted a survey to quantify the extent of the rogue applications problem. In order to qualify for the survey, respondents had to use a computer for work for more than 50% of a typical workday in their current job and in a previous job. A total of 379 online surveys were completed during June 2014. The results are shocking.


Read the white paper in full by Osterman Research to learn the shocking results as well as preventative steps your company can take to protect against this very real Rogue Access threat.



Join us on as we delve into file sharing, learn how you can save big by replacing your file servers with ShareSync, and explore the hidden costs to avoid. www.valiant-gs.com