This is the first post in a series expanding on our 2013 cloud and storage predictions.
Symform’s 2013 predictions turned a skeptical eye on Bring Your Own Device (BYOD) and the related trend of Bring Your Own Cloud Application. We think that as BYOD and cloud denial comes to a head in 2013, corporate IT will have to start standing up for data security and control.
“Symform anticipates IT will regain control by implementing stringent security policies and access control rules for cloud services and employee-liable mobile devices. In many cases, especially among SMBs, third-party consultants or channel partners will be called in to determine whether the proper security policies are in place and being enforced. Symform expects this shake up to result in the decline of popular unsanctioned cloud collaboration or file sharing services that threaten a company’s ability to maintain regulatory compliance and adhere to their own internal security requirements.” Full Symform 2013 Predictions
When an organization’s data has proliferated across employees’ personal devices, and the data gets stored in unknown cloud applications, how can the organization warrant compliance with regulations or its own policies? While companies crave the benefits of BYOD and employee adopted cloud applications, they have shirked responsibility for the accumulating risks. Does this sound like junk food junkies enjoying chips and cheeseburgers while ignoring the mounting health risk or weight gain?
Eating a Steady Diet of “Risk Cheeseburgers”
Wendy Nather at 451Group defines the Risk Cheeseburger in a recent blog post: “‘Cheeseburger risk’ is the kind of risk you deliberately take even knowing the consequences, until those consequences actually come to pass. For example, you may decide to go on eating cheeseburgers until such time as you have a heart attack – and then you’ll consider changing to a healthier lifestyle.”
Late in 2012, Symform conducted a Cloud Security Survey which revealed that many businesses are chowing down on risk cheeseburgers. Too few are addressing cloud security risks with strict policies or enforcement. 27% of companies allow company data to be used on employees’ tablets and smartphones. An additional 19% have no policies about the use of company data on employee devices.
Even companies that claim to not even be in the cloud have problems with cloud security related risks. The survey reported that of the 39 percent who said they are not using cloud, 65 percent say they allow employees or teams to use cloud services and 35 percent allow employees to put company data in cloud applications.
BYOD and its half-brother, “Bring Your Own Cloud”, have been great for getting work done. Most businesses’ productivity and performance expectations can’t be met without relying on employees to bring their own devices, adopt their own cloud applications and use company data on the devices and applications. Unfortunately, most data security and compliance expectations can’t be met while allowing employees to bring their own devices and cloud applications.