(BYOC) Within Your Organization
It’s the latest tech acronym: BYOC or Bring Your Own Cloud. Personal cloud services are convenient, inexpensive, and always available. They also have the potential to wreak havoc on the enterprise in ways we haven’t seen in quite a while.
In a world where “Dropbox” is a ubiquitous name and SkyDrive comes pre-loaded on some PCs, employees think nothing of uploading company data to the same cloud they use for storing personal files. From a corporate viewpoint, personal cloud services provide another way for users to compromise security by storing important documents and data outside company walls. An added concern? Several services also make copies of uploaded files to other uncontrolled devices, such as home computers. Overall, when research shows 56 percent of information workers use devices that are unsupported by the network because their employer does not provide devices with similar capabilities, it’s clear we have a problem.
The knee-jerk response of many IT managers is understandable. As individuals responsible for the technical well-being of an organization, the mere thought of how employees can compromise proprietary data without second thought is enough to keep one sleepless for days. (“They’re uploading company financial documents to the same space as their vacation photos?”) No one would blame you for implementing a company-wide, zero-tolerance policy to restrict access and ban apps from the network; however, the first step to solving this growing issue is acknowledging the competition that IT has when it comes to being the final word on office-wide technical solutions.
It’s up to us to recognize that if a digital technology exists on a consumer level, it will eventually find its way into the office regardless of whether it is officially sanctioned, especially when said tools are faster, easier to use, and get the job done better. Instead of fighting an unwinnable war, a better use of time and energy lies in not attempting to turn back the clock or instituting a draconian policy, but finding a solution to the issue as it currently stands. Here are three solutions to help tackle BYOC within your domain:
- Reminder of Accountability
As is the case with most matters, getting out in front and communicating is key when it comes to matters of data security. IT is no longer a silo. Today, it touches every area of the enterprise. With that in mind, end users are not left wandering alone in the dark. If your written policies are not up to date, an overhaul is in order to ensure protocol and expectations are set for all. Most importantly, employees understand how their actions can have the potential to endanger the intellectual capital of the organization. Ideally, policies take an approach that ensures the security of data on-premise, off-premise, and in the cloud.
- Get the Enterprise Version
Recognizing the need for a collaborative mechanism that serves both management and end users, many consumer cloud services, including Evernote and Dropbox, offer enterprise versions that allow IT departments to centrally manage employee accounts. This is an essential approach that removes the risk of losing valuable data to bitter ex-employees and individuals who fancy themselves as gatekeepers. It also erases the uncertainty of who actually “owns” said documents, since this issue is not always so cut-and-dry when it comes to the personal versions.
- The Best of Both Worlds
Sometimes the best of both worlds is achievable. A hybrid BYOC solution does exist – a secure personal cloud service that mimics the unique usability of services like Dropbox while hosted on the corporate network. VMware’s Octopus and Google Drive are two options that allow this. This approach recognizes the constantly changing manner in which the enterprise is communicating and empowers users to securely access their files anytime, anywhere, and from any device.
In an era where IT is no longer business-driven, but user-driven, IT managers must ultimately adopt a policy of treating the problem as opposed to the symptoms. By focusing on protecting the intellectual property at the heart of the BYOC dilemma, forward-thinking organizations that stay dedicated to meeting this goal will no doubt achieve differentiation and fare better than the competition. Most important, they will be taking strides to keeping proprietary data safe.
By Dan Tully,
Dan Tully is Executive vice president of Conduit Systems, an IT management services firm headquartered in Lincoln, Rhode Island. Tully brings more than 20 years of computing experience to his customer base and has assisted some of New England’s largest companies address complex, technology-based issues.
Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information, resources and thought leadership services. Contact us for ways on how to contribute and support our dedicated cloud community.