A topic that concerns every law firm CIO and IT manager today is whether to permit legal professionals to bring their own computing devices to work, for work. In other words, to support BYOD or not to support BYOD: that is the question. Or, at least it’s the question of the moment– with law firms, like so many organizations, considering how to support employees’ preferences to use personal mobile devices for work purposes, while keeping corporate documents properly managed and secure.
Should you support unlimited device types? How can you track which documents are shared outside of company walls? How does BYOD fit into your existing compliance strategy? It’s these questions that are currently the talk of the legal world. Check out some recent headlines:
Accellion Chief Marketing Officer, Paula Skokowski, will lead a panel on “Protecting Legal Documents in the Bring Your Own Device (BYOD) Post PC Era” with Chris Zegers, CIO of Lowenstein Sandler, Chad Ergun, Director of Global Services & Business Intelligence at Gibson & Dunn and Avi Solomon, Director of IT at Becker and Poliakoff P.A. at the Law Firm Chief Information and Technology Officers Forum. The panel will take place on Wednesday, January 30, 2013 from 11:30 a.m. – 12:15 p.m. ET in conjunction with the LegalTech New York 2013 conference.
Accellion will also be exhibiting at the LegalTech New York 2013 conference at booth #1403.
According to analyst firm, Enterprise Strategy Group, the enterprise cloud based file sharing revolution is being driven not by IT, but by end users – individuals who need to access and share data across laptops, smart phones and tablets whenever the need may arise. And, it’s these individuals who often subscribe to consumer-based file sharing solutions on their own and then bring those tools into the enterprise to support business use – creating a data security nightmare for IT.
This situation has IT playing catch up, yet many organizations are hesitant to embrace cloud services. Why? ESG found that 43 percent of organizations are worried about data security and privacy concerns and 32 percent about giving up too much control. Ironically, without a proper file sharing solution in place, users are calling the shots, creating the same security risks and a lack of control that’s been holding them back from the cloud in the first place.
In a new white paper, Evaluating Cloud File Sharing and Collaboration Solutions, ESG advised organizations to find a single, secure file sharing and collaboration solution that they can confidently endorse and provides a checklist of what to ask during the due diligence process, including:
•Can we sync data across end point devices when offline?
• Can users easily search for files across synched directory trees?
• Can we support files of any size?
• Can we set group policies from a central dashboard?
• Is there Active Directory integration?
• Is it easy to de-provision accounts?
• Is data encrypted in transit and at rest?
• Are there remote wiping capabilities?
• Is the data center SAS 70 Type II certified?
• Is data replicated remotely in the event of site failure?
To help you make a smart investment that’s right for your company, download the complete recommended checklist today.
P.S. Accellion answers “yes” to all of the questions above.
If you’re in the government sector, new cloud services and products are likely in the plans for 2013. Cloud momentum continues to build according to InformationWeek Government’s third annual Federal Cloud Computing survey, which showed that half of its agency respondents are currently moving ahead with cloud adoption or are in the early stages of doing so – up from 40 percent last year.
So, what’s spurring this growth? According to the survey, the move to the cloud is being driven by three primary business objectives:
- Lowering the cost of ongoing IT operations (54%)
- Reducing capital investments in servers and data center equipment (51%)
- Supporting mobile productivity and collaboration within the agency and with other agencies (37%)
Number three on this list came as no surprise to us, as we talk every day with organizations – within the government and enterprise sectors – who are looking for more efficient, secure, and cost effective ways to access and share information on mobile devices with people inside and outside of the organization. That need leads them to Accellion.
For Accellion customer Texas Juvenile Justice Department (TJJD), the ability to collaborate quickly and securely makes all the difference for the youth they serve. Operating dozens of treatment facilities, correctional institutions and halfway houses throughout the state, TJJD needed a way for its 2,500 employees to share confidential data efficiently and reliably between parents, medical staff and legal counsel.
Before switching to Accellion, staff members often turned to mailing hard copies of documents, burning CDs, or encrypting individual emails in order to work around a cumbersome file transfer and encryption mechanism. TJJD clearly needed a better option, fast.
The same could be said for other government organizations at the federal, state and local level that select Accellion. These customers include government agencies such as NASA, the U.S. Securities and Exchange Commission, and the National Institute of Standards of Technology that have a need for the strictest security and compliance requirements for the sharing and collaboration of digital information.
If mobile productivity and collaboration are part of your cloud plans for 2013, we can help.
No one would be shocked to learn that organizations aren’t big fans of employees playing online poker or roulette on the job. Which is why, when 1,200 IT decisions makers at private companies were asked to name the top three worst apps that employees could download, gambling was at the top of the list, with 58 percent of responses.
Right behind concerns about bringing a bit of Vegas into the office are serious worries about certain online file sharing applications. But not just any apps – Dropbox and Box in particular. Fifty-one percent of survey respondents named these unapproved cloud file sharing apps as some of the worst offenders in the enterprise, earning the number two spot on the list. And, of the 45 percent of respondents who blacklisted apps, 57 percent named Dropbox and 42percent named Box as the apps being banned.
What happens is that users genuinely need a way to share large files and when there’s not an IT-approved solution in place they find one on their own. Consumer-focused online file transfer solutions, such as Dropbox, are then used behind the scenes to send proprietary documents, creating security risks and headaches for IT. It’s this need for a Dropbox alternative – a secure, proven, enterprise-class solution – that drives organizations to Accellion.
Accellion customer, MiTek, a global construction company, had been there, done that, leading the company to ban Dropbox, deploy Accellion, and not look back. Here’s what Justin Daniels, Web Services/Software Engineering and IT Support Manager with MiTek had to say:
“With public cloud providers, there are so many unknowns when it comes to security: Where exactly are your files? How do you get them back if you change providers? How do you know where your employees are sending files? We weren’t willing to give up the rights to data that was sensitive, proprietary, and was rightfully ours. With Accellion, we know exactly where our files are, can track and monitor both senders and recipients, and enforce file sharing policies at a user- and corporate-wide level.”
When customers say “yes” to Accellion, it makes saying “no” to Dropbox and Box a no-brainer.
In our last post, “New Research to Drive Your Mobile Policies”, we talked about how mobile devices are redefining the workplace, pushing the need for ubiquitous access to enterprise content. But, the big question is how to give users what they want – user-friendly, around-the-clock data availability – while maintaining strong IT security and control. It can be a big undertaking if you don’t know what to look for from a file sharing solution.
Here are 10 must-haves to help meet both users’ and IT’s needs:
Multiple platform support: Even if you’re a Blackberry shop today, you don’t know what the future holds, so you need to be able to support iOS, Android and Blackberry devices should the need arise.
Seamless access to existing ECM stores:Allow users to gain anytime, anywhere access to data – whether stored in SharePoint or another ECM system – and share files with internal or external audiences, without a VPN.
Enhanced encryption: To lower data breach risks, your solution of choice should encrypt data both in transit and at rest, across all devices – whether in the cloud or on-premise.
Centralized management: Easily configure user permissions and manage user policies and profiles, including role-based access controls – ideally from a single, web-based interface.
Proactive file protection:Extend your organization’s established content/file monitoring policies to all file sharing activities by integrating with commercially available DLP and anti-virus solutions.
Complete device control: Ask about remote monitoring, logging, and wiping capabilities, to provide much-needed visibility and control should a device be lost or stolen.
Required enterprise integrations: Ensure that the solution you’re evaluating will support your existing infrastructure, applications, and security processes, such as LDAP, Active Directory, single sign-on, authentication, FTP, and SMTP.
File sharing visibility: With evolving regulatory requirements, you need granular reporting capabilities, real-time file tracking, and automated audit trails to maintain compliance standings.
Deployment choice:Whether a public cloud, private cloud, or hybrid environment, evaluate which deployment provides maximum data security and availability and will have your users up and running quickly.
Say “no” to consumer-class services: Prohibit users from seeking out their own consumer-based solutions, such as Dropbox, to prevent being left in the dark about where files have been sent and to whom.
Extend security to every file and every device within your organization and embrace the BYOD trend. Your users will thank you.
With so many organizations wondering how to support the boom of mobile workers, we recently hosted a sponsored webinar, “Empowering the BYOD Workforce”, to provide insight into the state of mobile affairs, the evolving workplace, and what types of users are driving the BYOD charge. In case you missed it, Chris Silva with The Altimeter Group, LLC provided some great research to help guide the development and prioritization of BYOD strategies. Here are some highlights:
Smartphones are the “it” device: The pendulum is shifting from laptops to smartphones as the mobile screen of choice. Data from Nielsen shows that more than half (55%) of U.S. mobile subscribers have a smartphone – up from 41 percent last year. And that number will no doubt continue to rise with the anticipated arrival of new Google Nexus devices.
One device is not enough: The average worker now carries 3.5 “mobile” devices (smartphone, laptop, tablet, etc.), up from 2.7 last year, according to the iPass Q1 2012 Global Mobile Workforce Report.
Mobile computing is now the norm:Insight Research reveals that 89 of the top 100 companies offer telecommuting, with 67 percent of all workers relying on mobile and wireless computing to get work done.
Work hours are blurred: Research from Good Technology found that individuals are productive well beyond traditional office hours, with more than 80 percent of people continue to work when leaving the office, adding up to an extra 30 hours per month. Plus, 49 percent do work email after 10:00pm and 69 percent will not sleep before checking email.
Mobilizing sales is a must:The Altimeter Group, LLC found that field/sales employees are the most important user group to mobilize, as these road warriors live on mobile devices and need a simple and secure way to manage, view, store, and share information.
So, the big question is: how do you make enterprise file sharing accessible on phones and tablets to support the mobility trends outlined above, while maintaining tight control and security? Check out our next blog entry to learn how to navigate the security challenges of BYOD while enabling your growing mobile workforce.
This week Google announced that Gmail users can attach files stored in Google Drive to Gmail messages up to 10GB. “..whether it’s photos from your recent camping trip, video footage from your brother’s wedding, or a presentation to your boss, all your stuff is easy to find and easy to share…”, the company went on to say. Now, we’re OK with Drive being used for wilderness shots and videos of Uncle Bob cutting loose on the dance floor, but when it comes to business-related communications, like sending a PPT, we have to stop you right there.
For true enterprise collaboration and file sharing, we’ve found that size matters – as our customer, Mark Yee from AutoDesk, will tell you. That’s the beauty of our solution – there’s no hard limit on file size (Guinness World Records take note!) That means that our clients can send massive, data-intensive documents such as software upgrades, CAD drawings, media files, and customer databases, without wondering if a file is too big to be shared. And that’s been the case for years. Accellion customers have routinely sent files of 100-200GB in size and some brave souls have even sent 1TB files!
Plus, we provide tight security – integration with DLP solutions, automated audit trails, extensive file tracking and reporting, and customizable file access and storage controls – to make sure that your confidential data remains protected at rest and during transit. We wouldn’t have it any other way.
Google, welcome to the party, albeit a tad late. While 10GB is progress, it’s not going to cut it for serious enterprise users. While we believe that large email attachments should be phased out with dinosaurs and fax machines, we love the idea of our clients sending Stegosaurus-sized documents. We can’t imagine that ever going out of style.
Service outages, application access errors, and security hiccups – that’s exactly what we’ve seen happen in recent months with cloud storage providers Dropbox, YouSendIt, and Box. All were reported to have experienced unexpected issues:
Perhaps Eric Chiu, founder of HyTrust, Inc., a virtualized infrastructure security and management vendor said it best to TechTarget, calling Dropbox “the poster child” for an application that’s infiltrated the enterprise with huge security implications.
Osterman Research, in a recent research report “The Need for Enterprise-Grade File Sharing and Synchronization” found that 49% of organizations believe the problems created by these tools are about as serious as they were 12 months ago, but 42% reported they are more serious.
Before putting your data on the line and exposing it to a potential security glitch or exposing your users to unnecessary usage issues, you must weigh the risks and benefits of a particular provider. And, don’t overlook the hefty regulatory implications if a security snafu hinders your compliance with HIPAA, SOX, and other data privacy mandates.
Many organizations are turning to enterprise-class solutions such as Accellion. While we offer the flexibility of public, private, and hybrid cloud deployments, 80 percent of our enterprise customers go the private cloud route – benefitting from around-the-clock availability, security, and confidentiality of company information.
Over the past year, we’ve seen the iPad become more prevalent in the corporate world – and why not? Its portability is ideal for employees on the go and users are able to blend work and personal use on a single device. Yet, it’s these two benefits that have introduced new security concerns for IT, with the iPad often treated more like a grown up iPhone than a corporate computer.
Of course, the laid back attitude towards iPad security is understandable. Tablet adoption has been predominantly driven by consumer usage, with public Wi-Fi and cloud computing making it simple to upload and download files and applications at will – whether Angry Birds, grocery coupons or the latest corporate PowerPoint. But, the freedom of anytime, anywhere access, combined with the increased volume of corporate data being shared via iPads, has blurred the lines between corporate access and casual entertainment.
Yet, the harsh reality is that malicious apps and malware are the number one security threat to tablet computers, followed by public Wi-Fi eavesdropping. Phishing attacks are phishing attacks, whether your users are on a PC or an iPad, and enterprises need to implement the same strong security measures regardless of the device.
So, what’s an IT group to do?
Individuals should be able to send, share, and access files and applications, while you ensure they’re protected from malicious content. Accellion Secure Mobile Apps is one viable option – providing around-the-clock secure access to files to a range of mobile devices, plus encrypting documents for future, offline use. Plus, if the device is ever lost or stolen, administrators can easily block access remotely and reset credentials.
Let’s face it: your employees were likely attracted to the iPad because it makes their life easier – and maybe a little more fun. So, the key is to boost security while enabling employees to work and interact exactly as they do today. The discussion on tablet security is far from over, so look for more insight on our blog.
Today, malicious apps and malware continue to be the number one security threat in tablets, followed by public Wi-Fi eavesdropping. Tablets can easily be infected by clicking on a malicious link or by entering company credentials into a phishing page mimicking itself as a challenge page.
While we’ve seen examples of the mobile platform companies proactively addressing malware attacks – the iPad 2 Smart Cover security hole fixed by Apple’s iOS 5.0.1 release and Android’s 58 malicious applications, which were downloaded onto 260,000 devices before Google remotely wiped the devices clean – it’s simply not enough. Not to mention, these remedies aren’t always applicable to tablet devices, with only a small percentage maintaining an always-on 3G connection, making it nearly impossible to implement a real-time security fix.
Two ways that mobile platform companies have typically remedied security holes exposed by malware: OS security re-architecture or stricter entry programs into app stores. However, the stricter the app adoption rules and implementation restrictions (so as to not allow a bad app into an app store), the less number of apps enter the market in a given time. While Apple has the luxury of highly scrutinizing the apps it approves, Android–coming from behind—has looser controls in an effort to balance innovation with security.
The recent Smart Cover security hole uncovered in iPad 2 and fixed by Apple’s iOS 5.0.1 release is the OS remedy; and Android’s 58 malicious applications, which were downloaded onto around 260,000 devices before Google eventually admitted it and wiped them from devices remotely, is an app store remedy.
Both of these remedies are not acceptable solutions for enterprises. Enterprise IT heads cannot wait for a new OS release or a re-evaluation by the app store when a malicious attack is siphoning confidential data from thousands of devices. The situation gets even more critical when malicious apps get on tablet devices. Unlike smartphones, most tablets are still tethered devices. Only a small percentage of them have always-on 3G connection through which a remedy can be applied immediately.
Accellion Secure Mobile Apps give enterprise tablet users the ability to securely share, edit, send and receive files in their workspace without the fear of a malicious app or link compromising their content and identity.
Accellion Secure Mobile Apps work in conjunction with Accellion Secure Collaboration to keep everything in an encrypted, secure, private container, even if a tablet user decides to download a file onto its local drive.
Should malware infect an Accellion Secure Mobile Apps user device, nothing is lost. Or, if it tries to access the tablet’s local drive, it will see nothing but a bunch of encrypted files. Users could be on an iOS, Android or BlackBerry device, and it will behave the same.
And then there is the internal threat, when people get distracted and leave behind their device by accident. If there is sensitive corporate data on the tablet and the device ends up in the wrong hands, it could easily lead to a reportable data breach. With Accellion, IT has control and management over the application, so if a device is lost or stolen, Accellion administrators can easily block access remotely and reset credentials.
Look for the discussion about tablet security to continue on this blog, but in the meantime, the more you use your tablet like a laptop, the more you should consider taking security measures.
TWITTER
FACEBOOK
LINKEDIN
YOUTUBE