BYOD And The Issues Surrounding Cloud Storage

BYOD And The Issues Surrounding Cloud Storage

BYOD And The Issues Surrounding Cloud Storage

As BYOD increases and employees increasingly use personal laptops, smartphones and mobile devices for work purposes, concerns over data security and data privacy remain the most significant barriers to cloud adoption, according to the latest research from the Cloud Industry Forum (CIF). Corporate IT managers and CIOs are rightfully correct in their trepidation as they open their networks to  and data leakage plus lose control over data once it leaves the corporate confines. While employees benefit from the ability to work from anywhere by using the cloud services that provide BYOD support, they also risk the loss of privacy when they inadvertently open access to personal files. This potential loss of privacy is worrisome. byod-image

CIF’s June 2012 research found that 66 percent of respondents said the most significant concern about the adoption of cloud services within the business was data security; this is up from 62 percent in 2011. The issue of data privacy also saw a leap up from 55 percent in 2011 to 66 percent in 2012.

The problem however is not BYOD, but the cloud storage. Using file storage providers such as Dropbox or Google Drive offers convenience and simplicity that may not be available with corporate applications. These services fall into category of Shadow-IT—the case in which users decide that they need a service, one which the IT department will not, or cannot provide to them in a timely manner. In other words, the hardware or software adopted “lives in the shadows” as opposed to being sanctioned and supported by the CIO and corporate IT departments. In the past Shadow IT included smartphones, portable USB drives and tablet computers on the hardware side and applications such as Gmail, instant messaging services and Skype. Shadow-IT now encompasses cloud storage as well. Where data is stored and how securely within these applications, however, cannot always be verified. What is known is that once out of the enterprise IT environment, it becomes impossible for CIOs to know where company data is, or who has access to it. In fact when one signs up for these cloud storage services, one is also giving the service permission to use one’s data (users are advised to check the terms and conditions fine print).

The challenge for cloud providers will be convincing customers that the risks of the cloud do not outweigh the benefits – and those risks include the exposure of data through security incidents. The March 2013 Distributed Denial of Service (DDoS) cyber-attacks on Spamhaus flooded Spamhaus servers blocking traffic and making the servers unreachable. For users storing files in services that use Spamhaus networks, their files were slow to access or in some cases, inaccessible. Other potential threats to documents stored in clouds include caching of information on mobile devices, and stored passwords. Companies may also risk issues with compliance with HIPAA (Health Insurance Portability and Accountability Act of 1996), HCFA (Health Care Financing Administration), FISMA (Federal Information Security Management Act) and SOX (Sarbanes-Oxley Act of 2002).

When IT departments choose cloud services to enable BYOD support, they are quite right to consider security and compliance as well as issues such as price and convenience. The CIF research also found that security concerns had risen in 2012 most noticeably in the private sector, increasing from 59 percent to 67 percent. Conversely, in the public sector concern had narrowly dropped from 69 percent to 66 percent. Both the private and public sector have experienced data attacks and the European Union (EU) have called on both corporations and governments to be more transparent when they suffer data breaches.

In sum, it behooves both cloud storage providers and corporate IT decision makers to focus on security. The clouds have a responsibility to users to protect the data stored from attack and to protect the privacy of documents stored. Moreover, IT departments must acknowledge the growing use of clouds that are brought in by users and realize that the department is never going to be able to compete with the simplicity and ease of use of clouds Consequently, IT must change its own worldview and figure out how to implement needed protection and guidelines to assure the security of data once it leaves the corporate network for the cloud. Such paradigm shifts will not be an easy process for many organizations. The trick will be to have both sticks and carrots—firm and enforceable data control policies and a never-ending search for the best cloud storage to meet changing demands.

By Simon Bain,

Simon Bain is the company founder, CTO and chief architect of Simplexo Ltd’s software solutions.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

One Response to BYOD And The Issues Surrounding Cloud Storage

  1. We are seeing a lot of this in the UK, For larger companies we are seeing a demand for the creation of there own enterprise dropbox services and with open stack swift becoming more established the ability to build scalable in house storage systems is becoming increasing accessible. Once you have built the object storage there are a number of good products available that let you create your own enterprise dropbox and products like maginatics allow only direct access (no sync) meaning your data never leaves the private cloud.
    For the smaller customers Gladinet offers a great solution to addressing the above even if this is located within a service providers cloud 

    @Paulcolwell

How To Overcome Data Insecurity In The Cloud

How To Overcome Data Insecurity In The Cloud

Data Insecurity In The Cloud Today’s escalating attacks, vulnerabilities, breaches, and losses have cut deeply across organizations and captured the attention of, regulators, investors and most importantly customers. In many cases such incidents have completely eroded customer trust in a company, its services and its employees. The challenge of ensuring data security is far more…

Cloud Security: The Top 8 Risks According To ENISA

Cloud Security: The Top 8 Risks According To ENISA

Cloud Security Risks Does security in the cloud ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that,…

The Four C’s – Cloud, Culture, Clash, Change

The Four C’s – Cloud, Culture, Clash, Change

The Cloud, Culture, Clash, Change “I told the new CTO that this cloud stuff was BS. He came charging in with this ‘cloud first policy’ and look what happened. Previously rock solid systems that had worked for years slowed down and had outages as we tried to run them on the cloud. I doubt that…

Dissecting Mr. Robot TV Series: Spotlight On Burning Online Privacy Risks

Dissecting Mr. Robot TV Series: Spotlight On Burning Online Privacy Risks

Mr. Robot And Burning Online Privacy Risks Despite the rapid development of web tools and computer security systems, online privacy remains a serious issue for most web users. According to some statistics provided by isaca.org, the total number of online security incidents worldwide grew to 42.8 million, leaving a great number of victims behind. As one…

What Forecasts Of Data Breaches Should Spell To Cloud Security Practitioners

What Forecasts Of Data Breaches Should Spell To Cloud Security Practitioners

Cloud Security Practitioners And Auditors Today we have seen relatively few data breaches in the cloud despite its growing use for mission-critical workloads. However, as cloud increasingly becomes the backend for our mobile devices, for the Internet of Things (IoT) and for other daily life functions, we can safely predict that hackers will set their…

Hybrid IT Matures Just In Time To Tackle Complex Challenges

Hybrid IT Matures Just In Time To Tackle Complex Challenges

Tackling Complex IT Challenges Sponsored by Hybrid IT: The Next Evolution in Enterprise IT, NetApp and Verizon. Today’s sophisticated business environment demands a dynamic and robust IT infrastructure which is a far cry from the closed, controlled environments that most IT departments were created to handle. A hybrid IT infrastructure, drawing services from multiple cloud-based…

Featured Sponsored Articles
The Benefits of Cloud-Based Phone Systems

The Benefits of Cloud-Based Phone Systems

Cloud-Based Phone Systems This article has been sponsored by RingCentral, provider of state-of-the-art cloud infrastructure. Although today’s businesses rely on a host of modern technology, the century-old telephone call is as essential as ever. Of course, businesses today aren’t relying on simple analog voice calls for effective interaction with partners, suppliers, colleagues, and customers, but…

Featured Sponsored Articles
Working With Cloud White Label Partners

Working With Cloud White Label Partners

Cloud White Label Services Sponsored by CloudMGR The benefits of consolidating your cloud to one of the giants such as AWS, Microsoft Azure, and Google Cloud are improving as competition increases, with pricing wars between the service providers meaning better savings for businesses utilizing these services, and an abundance of features at user fingertips as…

Featured Sponsored Articles

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor