BYOD / (BYOC + BYOS) = TROUBLE?

There’s little debate that the frequency and proliferation of employees using their own devices for work has and will continue to increase. With the cloud – private, public, and hybrid – as one of the hot growth areas in IT, there were bound to be issues where these two growing trends intersect. The new acronyms are BYOC (Bring our Own Cloud) and BYOS (Bring Your Own Services) and they can cause issues for IT management, not to mention the entire enterprise by putting the security of company information at risk.

But, BYOC is not just employees using their own cloud to produce their own work, but often entire departments using cloud-based applications without the IT organization’s knowledge. One of corporate management’s major fears with BYOD and BYOC is that it could morph into BYODB, or Bring Your Own Data Breach.

For example, Computerworld relates the case of a VMware CTO who makes multimedia presentations all over the world. The virtualization company’s own IT organization couldn’t offer a viable solution to increase his email attachment size quota so he started using Dropbox on his own. His actions are echoed in a study by Forrester Consulting for Unisys, which found that 56 percent of information workers “use unsupported personal devices or apps for work because they need the capabilities and their organization does not provide an alternative.” Also, with services such as Dropbox, Box, Microsoft SkyDrive, Google Drive and other cloud-based syncing services grow in popularity, they will increasingly become targets of hackers.

Although creating and enforcing a strict corporate policy regarding the cloud is one way to go, another solution that some experts advocate is to BYO, or build your own. TechRepublic enumerated several reasons and benefits to go the BYO route to create a company-centric cloud. Although a BYO solution offers total control and likely more flexibility than third-party clouds, the internal IT group will then be fully responsible for security. Therefore, it’s vital that IT have the highest degree of security acumen and skills, and if they aren’t up to the task, then the company will need to either hire in or contract out for this absolutely essential expertise.