The Buck Stops At BYOC
IT professionals gave into user demands with BYOD. But allowing employees to mix corporate data and personal clouds is going a step too far.
January 29, 2014
Some are declaring the buzzword for 2014 will be BYOC, or bring your own cloud. This term describes employees leveraging their own personal cloud services and applications to better perform their daily jobs. But unlike the bring your own device (BYOD) craze, BYOC is likely to meet far more resistance in enterprise organizations. Lack of IT management and control will quickly put an end to BYOC, even though it has the potential to provide real benefits.
From an IT support standpoint, I wasn't too keen on the BYOD trend when it began. It's difficult enough to secure company-owned devices inside a corporate network, let alone those that are personally owned and maintained. But with the aid of tools like mobile device management and network access control, BYOD has become somewhat manageable in even the largest companies.
The one saving grace that convinced IT leadership to allow BYOD was the fact that all important data would remain within the corporate network. Mobile devices were simply used to access and interact with data that was safely managed and stored by IT employees.
Now that cloud computing has become commonplace for consumers, employees are beginning to request permission to use personal cloud services for business use. Employees are comfortable using services such as DropBox, Google Apps, and Carbonite at home. Because of that comfort level, they naturally want to use those same tools in their business life.
This is where IT decision makers may need to draw the line. With BYOC, company data is decentralized outside the safety of a corporate network and placed within various cloud services. From a data loss prevention (DLP) standpoint, BYOC presents a nightmare scenario because data can be copied, duplicated, and ultimately lost or stolen via the various cloud services.
As employees begin to request BYOC models for your business, now is the time to educate and inform non-technical users why this is a very bad idea. Additionally, if you don't already have a DLP policy and enforcement strategy in place, put that high on your priority list. DLP tools perform a number of functions to ensure that sensitive company data does not leave the corporate network through email attachments, thumb drive copies, and the use of public cloud services.
More and more, business leaders are realizing the importance of intellectual property in digital form and they are willing to spend big money to prevent employees from intentionally and unintentionally leaking data onto the Internet. As you can see, employee requests for BYOC and business leadership's desire to control DLP are at odds with one another. Here the protection of intellectual property will almost certainly prevail.
Even though BYOC may seem like the next evolutionary step up from BYOD, I wouldn't count on it making strides in the enterprise environment. In fact, it's my guess that by this time next year, we'll have forgotten all about it. While IT professionals and business leaders capitulated and allowed employees to use personal devices on the network, there's no way they're ever going to lose control of company data.
Andrew Froehlich has well over a decade of enterprise networking experience under his belt through his consulting practice, which specializes in enterprise network architectures and datacenter build-out.
About the Author
You May Also Like