BYOD And The Issues Surrounding Cloud Storage

BYOD And The Issues Surrounding Cloud Storage

BYOD And The Issues Surrounding Cloud Storage

As BYOD increases and employees increasingly use personal laptops, smartphones and mobile devices for work purposes, concerns over data security and data privacy remain the most significant barriers to cloud adoption, according to the latest research from the Cloud Industry Forum (CIF). Corporate IT managers and CIOs are rightfully correct in their trepidation as they open their networks to  and data leakage plus lose control over data once it leaves the corporate confines. While employees benefit from the ability to work from anywhere by using the cloud services that provide BYOD support, they also risk the loss of privacy when they inadvertently open access to personal files. This potential loss of privacy is worrisome. byod-image

CIF’s June 2012 research found that 66 percent of respondents said the most significant concern about the adoption of cloud services within the business was data security; this is up from 62 percent in 2011. The issue of data privacy also saw a leap up from 55 percent in 2011 to 66 percent in 2012.

The problem however is not BYOD, but the cloud storage. Using file storage providers such as Dropbox or Google Drive offers convenience and simplicity that may not be available with corporate applications. These services fall into category of Shadow-IT—the case in which users decide that they need a service, one which the IT department will not, or cannot provide to them in a timely manner. In other words, the hardware or software adopted “lives in the shadows” as opposed to being sanctioned and supported by the CIO and corporate IT departments. In the past Shadow IT included smartphones, portable USB drives and tablet computers on the hardware side and applications such as Gmail, instant messaging services and Skype. Shadow-IT now encompasses cloud storage as well. Where data is stored and how securely within these applications, however, cannot always be verified. What is known is that once out of the enterprise IT environment, it becomes impossible for CIOs to know where company data is, or who has access to it. In fact when one signs up for these cloud storage services, one is also giving the service permission to use one’s data (users are advised to check the terms and conditions fine print).

The challenge for cloud providers will be convincing customers that the risks of the cloud do not outweigh the benefits – and those risks include the exposure of data through security incidents. The March 2013 Distributed Denial of Service (DDoS) cyber-attacks on Spamhaus flooded Spamhaus servers blocking traffic and making the servers unreachable. For users storing files in services that use Spamhaus networks, their files were slow to access or in some cases, inaccessible. Other potential threats to documents stored in clouds include caching of information on mobile devices, and stored passwords. Companies may also risk issues with compliance with HIPAA (Health Insurance Portability and Accountability Act of 1996), HCFA (Health Care Financing Administration), FISMA (Federal Information Security Management Act) and SOX (Sarbanes-Oxley Act of 2002).

When IT departments choose cloud services to enable BYOD support, they are quite right to consider security and compliance as well as issues such as price and convenience. The CIF research also found that security concerns had risen in 2012 most noticeably in the private sector, increasing from 59 percent to 67 percent. Conversely, in the public sector concern had narrowly dropped from 69 percent to 66 percent. Both the private and public sector have experienced data attacks and the European Union (EU) have called on both corporations and governments to be more transparent when they suffer data breaches.

In sum, it behooves both cloud storage providers and corporate IT decision makers to focus on security. The clouds have a responsibility to users to protect the data stored from attack and to protect the privacy of documents stored. Moreover, IT departments must acknowledge the growing use of clouds that are brought in by users and realize that the department is never going to be able to compete with the simplicity and ease of use of clouds Consequently, IT must change its own worldview and figure out how to implement needed protection and guidelines to assure the security of data once it leaves the corporate network for the cloud. Such paradigm shifts will not be an easy process for many organizations. The trick will be to have both sticks and carrots—firm and enforceable data control policies and a never-ending search for the best cloud storage to meet changing demands.

By Simon Bain,

Simon Bain is the company founder, CTO and chief architect of Simplexo Ltd’s software solutions.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Do Not Rely On Passwords To Protect Your Online Information

Do Not Rely On Passwords To Protect Your Online Information

Password Challenges  Simple passwords are no longer safe to use online. John Barco, vice president of Global Product Marketing at ForgeRock, explains why it’s time the industry embraced more advanced identity-centric solutions that improve the customer experience while also providing stronger security. Since the beginning of logins, consumers have used a simple username and password to…

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Secure Third Party Access Still Not An IT Priority Research has revealed that third parties cause 63 percent of all data breaches. From HVAC contractors, to IT consultants, to supply chain analysts and beyond, the threats posed by third parties are real and growing. Deloitte, in its Global Survey 2016 of third party risk, reported…

How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data The modern enterprise is digital. It relies on accurate and timely data to support the information and process needs of its workforce and its customers. However, data suffers from a likability crisis. It’s as essential to us as oxygen, but because we don’t see it, we take it for granted.…

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Cloud Email Migration In today’s litigious society, preserving your company’s data is a must if you (and your legal team) want to avoid hefty fines for data spoliation. But what about when you move to the cloud? Of course, you’ve probably thought of this already. You’ll have a migration strategy in place and you’ll carefully…

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet properties like Twitter, SoundCloud, Spotify and Box inaccessible to many users in the US. The DDoS attack happened in three waves targeting DNS service provider Dyn, resulting in a total of about…

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks Does cloud security risks ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that, and…

Is Machine Learning Making Your Data Scientists Obsolete?

Is Machine Learning Making Your Data Scientists Obsolete?

Machine Learning and Data Scientists In a recent study, almost all the businesses surveyed stated that big data analytics were fundamental to their business strategies. Although the field of computer and information research scientists is growing faster than any other occupation, the increasing applicability of data science across business sectors is leading to an exponential…

The Security Gap: What Is Your Core Strength?

The Security Gap: What Is Your Core Strength?

The Security Gap You’re out of your mind if you think blocking access to file sharing services is filling a security gap. You’re out of your mind if you think making people jump through hoops like Citrix and VPNs to get at content is secure. You’re out of your mind if you think putting your…

The Future Of Cloud Storage And Sharing…

The Future Of Cloud Storage And Sharing…

Box.net, Amazon Cloud Drive The online (or cloud) storage business has always been a really interesting industry. When we started Box in 2005, it was a somewhat untouchable category of technology, perceived to be a commodity service with low margins and little consumer willingness to pay. All three of these factors remain today, but with…