You are here


Enterprise IT vs. Employee BYOD: Who’s in Control?

Posted by Bob Ertl
Enterprise IT vs. Employee BYOD: Who’s in Control?

An enterprise IT department, regardless of size or industry, has a number of responsibilities. That said, the mandate for any IT department boils down to one critical, albeit complicated, task: manage and secure enterprise content, devices, and connections. Without data security, nothing else matters.

Securing enterprise content is unfortunately more easily said than done. With the proliferation of personal devices, i.e. employee-owned laptops, tablets, smartphones, and even wearables in the workplace, IT departments have struggled. In short, the rise of Bring Your Own Device (BYOD) computing has essentially consumerized IT. Therefore if you work in enterprise IT and your mandate is to keep content, devices and connections secure, the consumerization of IT is not a welcome change.

Today, sensitive content travels everywhere employees go, even after hours and on weekends—all outside of the purview of IT. With employees doing work on their own devices, they are inevitably using cloud-based consumer services to share and collaborate on enterprise content. That’s a big problem. There are a number of risks inherent with consumerized IT:

  • Data breaches on unsecure networks.
  • Data breaches from lost or stolen devices.
  • Data breaches from consumer cloud File Sync and Sharing services.
  • Mobile malware infections.
  • Compliance violations for lack of data security, data governance, and/or data sovereignty.

To minimize the exposure to data breaches, enterprise IT organizations need to re-take control of enterprise content. But employees are not about to give up their personal devices. Besides, many enterprises are interested in preserving the productivity gains those devices and even some shadow IT solutions have enabled. Therefore, retaking control means adjusting and refining IT’s approach to consumerized IT, not replacing it.

With that in mind, enterprises should do the following to regain control of their enterprise content:

1. Embrace private clouds as a path to secure hybrid clouds.

By incorporating both private and hybrid clouds into the IT infrastructure, IT departments significantly enhance their data security and mitigate the risk of a data breach. Private clouds give enterprises full control of their content; content is not co-mingled on multi-tenant public clouds. As a result, they enable enterprises to enforce encryption and other security controls, such as role-based content and device policy enforcement – many of which public cloud service providers cannot or do not provide.

By comparison, hybrid clouds are increasingly popular because they allow enterprises to create the secure environment they want in private clouds, but then can scale those environments as needed using trusted, carefully vetted public cloud resources. A truly hybrid solution provides organizations with 100% flexibility to configure a deployment that meets their unique business needs. For example, they can minimize infrastructure costs while integrating with on-premises systems; keep the most sensitive content on-premises while moving most compute costs to the cloud; provide elastic capacity to handle bursts of demand; leverage existing infrastructure in their primary data center but use hosted capacity for remote offices; and other scenarios.

One additional consideration: private clouds and hybrid clouds are not only more secure than public clouds; research has shown they also deliver better ROI.

2. Balance security and convenience with BYOD use.

Mobile devices that are used for work and play are taken everywhere. They are storing enterprise content and login credentials to even more enterprise content. As long as these devices are unprotected, enterprise content is at risk.

Personal devices don’t have to be banned; they have permeated the workforce and do wonders for employee collaboration and productivity. What enterprises can change and control is how business content is handled and secured. This new generation of services combine the ease-of-use of consumerized IT with the rigorous security and control of traditional enterprise software.

kiteworks by Accellion

Accellion’s private cloud content collaboration platform, kiteworks, helps enterprise IT departments regain control of their enterprise content. kiteworks enables enterprises to provide their employees with a consumer-like user experience but with enterprise-grade security to ensure data security and compliance. kiteworks boasts a number of security features and capabilities, including but not limited to:

  • Sole ownership of encryption keys
  • Integration with leading Data Loss Prevention (DLP) providers
  • Anti-virus (AV) protection
  • File locking
  • File tracking and reporting
  • Two-factor authentication
  • File/folder expiration
  • Secure, single pane of glass access to on-premises and cloud-based ECM systems
  • User-friendly Digital Rights Management (DRM)
  • Secure containers on mobile devices
  • Remote wipe
  • Access controls for content on desktops and on mobile devices
  • Data sovereignty

With kiteworks, IT organizations are better equipped to manage enterprise content in a world of consumerized IT. Enterprise organizations such as Procter & Gamble, KPMG, Kaiser Permanente, Pacific Life Insurance, Cargill and many others view kiteworks as the critical component in preserving the productivity gains of today’s mobilized workforce while re-establishing the security and compliance practices essential to any well-run enterprise.

To learn more about the consumerization of IT and how Accellion addresses this critical business problem, download a copy of “Regaining Control of Enterprise Content: Bringing Governance to Consumerized IT” by clicking here.