The cloud debate: balancing worker productivity with business security
Hightail’s Kevin Mackin writes that workers bringing their favourite apps into the workplace are threatening the integrity of business data – but the solution is not to ban outside apps and devices.
The growing and uncontrolled use of non-secure devices and applications is going to burn someone badly, and much sooner rather than later. It will cost their company a bucket load of money and it will probably cost them their job. It’s not just protection from hackers that we need to worry about.
It is only a matter of time before someone inadvertently leaves their iPad somewhere and a customer/competitor/press accesses a tonne of extremely sensitive commercial information – say, the rushes from a new TV ad, the brief for the next mega social campaign, or next year’s marketing budget.
Please don’t become the subject of the learning that will emerge from this mess – you don’t want to be next ‘The [insert your name here] Datagate Affair’.
Consumer versus enterprise – why it matters
Typically when an enterprise application is designed and built, great consideration is given to safeguarding a business and its private information. The service will have built in encryption and will negate the potential workplace hazards we face everyday, such as:
- How do you keep your information and data safe when everyone is accessing their files from myriad devices?
- how do you keep your clients‘ information safe?
- how do you protect yourself from losing important data when employees move on to new jobs?
- how do you meet regulatory requirements like the Australian Privacy Principles?
- how do you take back control of your information once that employee leaves? and
- what happens when you switch suppliers? Can you recall all information that you’ve sent them in the past?
The marketing industry is vulnerable
The marketing industry is one of the biggest culprits in using consumer apps and services at work.
Marketers are naturally tech savvy, and are quick to adopt free tools that help them work remotely. For example, accessing work files from home, reviewing a colleague’s work at lunch, or signing off and approving documents on the go.
Marketers are busy people with limited time and a thirst for working effectively, but discussions around information control and security are primitive. It needs to extend beyond information accessibility.
You need to define who can access what information and restrict who your employees can send information to. It’s important to expire files that you’ve shared with peers, suppliers and consultants once you deem it appropriate.
You need to track how many and what devices your employees are using, and understand how they’re using technology (hardware, software or cloud services) to support their individual job responsibilities. The list goes on.
Balancing worker productivity and business security
Understanding how employees work and pinpointing the tools that they use is paramount. Get the issue out in the open, get people talking and start listening.
Having worked for the last 20 years in jobs where I’ve had to manage large, international teams, I feel like I can offer these three initial ideas on how to tackle the ‘bring your own app/device’ (BYOA/BYOD) issue:
1. Scrutinise cloud services regularly
Social media has made it increasingly easy to hear about popular new apps and services. When you read about a new service, look at how it will not only support workplace efficiency but also meet your obligations as a business partner and supplier. Seek some external, independent IT advice if need be, and restrict the use of the app by employees until you give formal approval for use.
2. Involve staff
The way we work is always going to evolve, so we need to continually ensure technology tools are a priority discussion among staff. Stay in touch with how your employees are carrying out their work. Keep an inventory of the devices they’re each using – are they working across a full range of tablets, PCs, phones and laptops? Keep communication open, and ask them to flag the tools and devices they want to use in regular catch-ups.
3. Develop clear policies
Specify approved apps and services for employees to use for work related tasks. Explain to employees why it’s important that only approved applications are used. Discuss the responsibilities of your organisation as a keeper of client information and the employees’ role in this relationship.
We’ll only be able to reap the real rewards of a BYOA and BYOD mad world if we understand very clearly the services we’re using, and how they’re supporting (or undermining) our daily life.
Kevin Mackin is a veteran of the tech industry, having been involved with some of the biggest names in the business – from Compaq and Telstra through to WebEx and IBM. In the last 14 years he’s been tasked with establishing the APAC operations for WebEx (now Cisco), Coremetrics (now IBM) and most recently for Hightail (formerly YouSendIt). Kevin’s marketing and business nous does not come at the expense of his passion to one day…become a pirate.