Rising employee app use raises data protection issues5 March 2013
As the separation between home and workplace technology becomes increasingly blurred with the use of smartphones and tablets, IT professionals are finding that managing end user applications presents a significant challenge. A recent New York Times article profiled the data protection issues facing companies of all sizes as employees place confidential data in publicly accessible and searchable storage or use a wide array of services that make it difficult to keep track of information. With employees taking advantage of cloud services, businesses may be able to improve oversight by adopting a managed hosting solution that gives workers the capabilities they want.
The New York Times profiled several companies in which workers rely on multiple third-party applications for cloud storage and collaboration. While some of the services, such as Amazon or Facebook, are familiar, many are unknown even to IT professionals, making it difficult to secure sensitive information.
A recent internal study by Netflix found that employees were using a total of 496 different smartphone applications, many of which were for data storage, communications or collaboration, the Times reported. A similar survey from Cisco Systems found that several hundred different apps were touching its corporate networks. Skyhigh Networks, a company that monitors cloud application risk, has identified more than 1,200 services used by personal devices on corporate networks.
"People are going to bring their own devices, their own data, their own software applications, even their own work groups," Bill Burns, the director of information technology infrastructure at Netflix, told the Times, adding that management software does not always help.
The result of such adoptions, often dubbed "shadow IT," is that documents tend to leak onto the public web. The Times reported that documents marked "confidential" from nearly any major company are often discoverable through a simple Google search due to employees placing them in unprotected storage services.
Limiting shadow IT with managed hosting services
A 2012 PricewaterhouseCoopers survey of IT managers found that at least half of corporate IT spending was on shadow IT in 47 percent of organizations, the Times noted. Cloud Pro blogger Davey Winder suggested that one way businesses can control shadow IT is by enabling cloud use rather than driving employees to adopt solutions of their own. While users often turn to their own cloud tools to save time and money, this ad hoc approach can become more expensive due to a lack of centralized management. Additionally, its distributed nature can be a major compliance issue and cost driver in legal cases requiring eDiscovery.
At the same time, shadow IT can have benefits in terms of business agility, and companies should not write it off entirely, Winder wrote. However, he suggested businesses think about how to merge governance and compliance with cloud usage. The best approach for a CIO or CISO is to say yes to cloud services and guide businesses through them, he wrote. Using a managed hosting provider for cloud storage is one way organizations can provide an alternative to employee-adopted solutions that offers better data protection. Additionally, a managed hosting service that offers endpoint protection can help companies secure and manage the data on user devices, reducing the risk of rogue application use.
Brought to you by UbiStor, Inc. leaders in data & system protection, recovery, hosting and infrastructure solutions.
Go back to Industry News