How Shadow IT is emerging into the light
By Mark Micallef October 13, 2015
- As BYOD becomes the norm, so does the fragmentation of data
- Time to acknowledge this and consider what it means for business
WINDOWS OS, Apple iOS, Blackberry OS, Android OS, on smartphones, phablets, tablets and most recently smartwatches ... the list goes on.
We have all come to recognise that we are in a multi-device, multi-OS (operating system) modern business world.
However, what we are slower in recognising is that the same diversity we see in the above list, also applies to our data. As bring your own (BYO) becomes the norm, so does the fragmentation of data.
It is high time we start acknowledging this and consider what it actually means for business.
While it may be tempting to ignore or overlook the plethora of choices available for storing and sharing data, the reality is that people have unprecedented freedom to choose among cheap and convenient cloud storage options.
This means we are continually creating and storing documents in multiple repositories, across multiple devices, inside and outside the firewall. This practice is commonplace and the number of document silos only seems to be increasing.
So what does this mean for business? With this wide and varied spectrum of document silos, it is becoming more difficult for organisations to manage critical business information, as well as keep it secure.
This raises real privacy concerns, especially when the navigation of existing firewalls and integration with legacy systems and applications remain huge hurdles for businesses in achieving true enterprise mobility.
The combination of BYO, an increasingly mobile workforce, and a growing array of cloud-based services is eroding the traditional perimeter of work – work is no longer a place. More than ever before, mobile access to company data is a critical component to achieve full productivity for mobile workers.
The next question is, are we between a rock and a hard place? Just because workers demand a delightful user experience at work or play, does not imply that organisations need to be concerned about secure and seamless access to internal resources.
There are ways to tackle data fragmentation. In fact, providing secure mobile access to data residing behind the company firewall is easier than you may think. It largely involves a harmony of ‘Shadow IT’ policies and collaborative technology and tools.
In turn, businesses are armed with more choice and flexibility of where and how user data is accessed and shared – through increased privacy controls and data protection.
A file sync and share (EFSS) Software-as-a-Service (SaaS) solution provides the security benefits of an on-premises solution while offloading the costs and headaches of maintaining the user experience as a service.
Eighty-three percent of businesses are concerned about the security of their corporate data as it is increasingly dispersed across their network and outside. Yet, Asia Pacific is lagging in the detection of security incidents as well as in the size of information security budgets.
So what can be done to address these concerns?
Here are five top tips for selecting the right technology to protect company data and limit the risks of using Shadow IT:
1) Ensure there is no visibility to files or metadata
Having metadata (file and folder names) visible to your service provider is not okay because file names can convey sensitive information. All business data must be encrypted with a key that is under the organisation’s full control.
2) No user impersonation
Service providers must not be allowed to access files that belong to their customers. Enterprise single sign-on ought to be made convenient for end-users, but businesses must not forget that it also enables service providers to impersonate the users.
That’s like having a one-way domain trust from your enterprise out to the cloud.
3) Ensure you have full control over your encryption service
Encryption is almost meaningless when the service provider owns the keys and/ or the servers that perform encryption – data must be encrypted with your organisation’s key only.
4) User experience has to be consumer-grade
File encryption and data protection must not come at the expense of application compatibility or a seamless user experience. If users have to think about encryption keys, certificates or plug-ins across all their devices in order to unlock their files, they will find an easier way out and gravitate towards using a simplified, but less secure service.
5) Data sovereignty is mandatory
Service providers can no longer dictate where customer files are stored. To comply with local regulation and protect intellectual property, organisations must have the option to keep their data inside their country, their city, or even behind their firewall.
Mark Micallef is area vice president of Citrix Asean.
The rise of the superuser, and managing shadow IT
How file analysis tools can unleash the light in ‘dark data’
Going to the office? BYO Apple Watch
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.