Remote access to corporate information, via personal devices, is an established trend. In fact, recent research from Redshift Research, highlighted in a report to Cisco, that 95 per cent of organizations now allow employee-owned devices in the workplace.
While IT departments are now embracing BYOD through smartphones, Bain suggests that a bigger headache for IT departments focuses around cloud storage:
“BYOD is not the problem, cloud storage is. It is now very simple for employees to store documents, for free, using any number of file storage providers such as Dropbox or Google drive. There is also an increasing number of applications that can be downloaded that help with office work. Where data is stored and how securely within these applications is often a mystery. In either case, once out of the enterprise IT environment it becomes impossible for CIOs to know where company data is, or who has access to it.
“While this realization is sinking in for the IT departments, an even bigger point of note is the realisation that the cloud-storage market is growing and here to stay. One side of the coin is this is great for employees outside of the IT department as it means IT services can grow organically to meet the ever changing needs of the enterprise. However, the other, which I am concerned with, means IT departments will have even lesser control of data.
“There needs to be a collective understanding that IT departments are never going to be able to compete with the simplicity and ease of use that comes from having an instantly downloadable application. This needs to be accepted by enterprise organizations at the earliest possible opportunity as it is only in doing so that they will be able to change their own worldview and work with the new consumer-led culture of IT deployment that is growing at an ever increasing pace.”
Bain continues: “While the cornerstone of this will focus on security and how IT departments can regain control, it’s important to take stock from the growth in smartphone technology and look at embracing cloud storage.
“This could be, for example, enterprises partnering with third party app stores that only allow applications that keep data in a recognized and controlled environment. Employees will benefit from having access to a shopping cart of applications to choose from and IT departments will know that they have tight service level agreements with providers detailing required security and data locations. Developers will have clear instructions as to what data security and other hoops that they need to jump through to have access to the market created by the third-party app provider.
“While this will no doubt cause resentment from employees, who will still access corporate data outside of the office, there needs to be a happy-medium. The development of additional functionality can play a huge role in supporting this. Secure search is one example of a tool, which allows employees to access, and store data easily without compromising the network, giving assurances to the IT departments that security measures are in place without impacting accessibility or speed of use.”
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.