Dark 'Cloud' Forming: The Struggle to Balance Security and Employee Privacy
Gone are the days when employees sat at their desks with corporate-issued laptops or when employees would “VPN” into the office just to get their email. And gone are the days when mobile email meant the drab Blackberry.
By 2017, Gartner predicts that more than half of all large corporations will require their employees to bring their own devices (BYOD) to work. At the same time the use of cloud applications is exploding, since they are easy to use from anywhere at any time. However, at the intersection of BYOD and the cloud are two huge concerns for IT staff and employees alike -- security and privacy. Established solutions on the market largely fail to address these areas simultaneously, and both must be balanced for BYOD and the cloud to move forward.
Today’s employees are continuously connected to both work and their private life using a range of devices such as tablets, smartphones and laptops, switching between these devices as they go about their lives. Compounding matters, employees use their preferred cloud apps for both work and personal use. Cloud apps are always up to date, easy to acquire and far easier to use than on-premise corporate apps. In many organizations, the sanctioned apps provided by IT tend to be woefully out of date and antiquated in comparison.
Against this backdrop of BYOD and self-serve cloud applications, corporate IT struggles to control and secure corporate data. Familiar security products and technologies are designed to protect corporate infrastructure. But with BYOD and the cloud, corporate data is served from third-party cloud apps via third-party mobile networks to employee-owned BYOD mobile devices and laptops. The challenge of securing sensitive corporate data in this uncontrolled environment is daunting, and largely unsolved.
Initial attempts at securing corporate data in BYOD and cloud environments comprised of installing mobile device management (MDM) software on each device. MDM software controls how employees can use their devices and monitors all employee actions on them. Naturally, employees were not thrilled that corporate IT could monitor even their personal communications on their own phone. In a recent survey conducted by an MDM vendor, 70 percent of employees expressed privacy concerns regarding MDM agents on their devices.
Privacy concerns have driven savvy employees to carry two devices, one for work and one for personal use.
Early approaches to securing data in cloud apps have also been heavy-handed. These approaches inspect and block access to cloud apps, whether personal or work related, violating employee privacy. In fact, separating personal use from business use is no easy task since employees may use the same cloud app for both.
In the end, when sensitive corporate information leaks, corporate IT has no idea how it got there. Corporate data has become like the dollar bill -- employees need to use it anywhere, any time to be productive, but they should not be able to make unauthorized copies.
What corporate IT really needs is a technology to track and secure data no matter where it is -- in the cloud, on employee devices or anywhere on the internet. Such a technology would not only enable corporate IT to say “yes” to the cloud apps and devices that employees want, but also finally be able to answer the perplexing question: “Who leaked that spreadsheet on Dropbox?”