When it comes to improving productivity, there's little question that BYOD and the cloud go hand in hand and can provide significant benefits. The cloud enables employees to access their work files and data from anywhere, at anytime, not just on the company premises and corporate network, and since cloud services typically play well with the vast majority of consumer devices, BYOD further increases the accessibility of work documents while employees are on the go. Of particular usefulness are cloud storage and file sync and share services. But when it comes to sensitive enterprise data and documents, popular consumer file sync and share services may not cut it. BYOD demands the best secure cloud storage, a fact that you must hammer home in your role as your customers' trusted security advisor. Here are two reasons why.
1. Cloud services may increase the risk of a data breach
There are many reasons to adopt public cloud storage, top among them being ease of deployment and scalability, but one major reason to be cautious: the cloud security risks. Multi-tenancy and a reduction in control over security standards and procedures may make public cloud storage and file sync and share services easier (and more tempting) for attackers. BYOD, meanwhile, may enable greater amounts of sensitive data to make its way into an insecure cloud due to the ease with which employees can work and upload data. The best secure cloud storage for BYOD organizations will protect data through strong user access and authentication controls and encryption schemes that offer client-side encryption and storage of encryption keys. Organizations can further protect their data in public cloud services by deploying client-side encryption gateways to detect and secure sensitive data before it leaves the enterprise perimeter.
2. BYOD device loss and theft also increase the risk of a data breach
Now that we've covered the risks inherent to many cloud-based file sync and share services, let's turn our attention to the BYOD devices themselves. If you've ever used a consumer-oriented cloud storage service like Dropbox, then you're familiar with the mobile apps that those services use to make documents available on mobile devices. Once installed, users typically must log in once. After that, the apps remain logged in to the user's account. What that means is that all those work documents and all that work data becomes readily available to anyone with access to the device. So what happens if a device is lost or stolen? If the device itself isn't secured, anyone who gets their hands on a BYOD device can open up the cloud storage app and view whatever it contains. For this reason, in a BYOD organization, even the best secure cloud storage services must be backed up by strong security controls on BYOD devices. Mobile Device Management (MDM) solutions that validate and adjust device security settings can assist in this by requiring password authentication on devices. MDM solutions can further control access to corporate data by remotely wiping them in the event of device loss or theft.
The cloud, as we have discussed on this blog, is not only inevitable for any enterprise that wants to retain a competitive edge, but also beneficial. It can't be adopted willy-nilly, though. To mitigate the risks that public cloud services and BYOD can create, VARs must help their customers leverage the available technologies to alleviate security and compliance concerns. If you don't think you're quite ready to do that, speak to one of Ingram Micro's information security and business development specialists today to get up to speed.
What are the best secure cloud storage vendors and strategies you've come across? Tell us your thoughts in the comments.