|By Pete Cafarchio||
|October 5, 2012 12:00 PM EDT||
The "consumerization of IT" is a topic we've heard a lot about recently - especially when it comes to "Bring Your Own Device (BYOD)." One area that is less talked about, yet a growing trend under the "consumerization" umbrella, is the use of free, consumer-type file transfer services in the workplace.
A tough economy has forced IT departments to do more with less - especially within small and medium-sized businesses (SMBs). Working with limited resources and budget, SMB IT professionals are still expected to manage everything from network infrastructure to cloud services to security and compliance issues, all while keeping the business running smoothly. Sometimes this results in long "wait" times for employees.
Unfortunately, some employees get tired of waiting for IT to help them out and take matters into their own hands in order to get their jobs done. When it comes to sending large files that an email server can't handle, many employees are turning to consumer-type, cloud-based tools, such as YouSendIt, Dropbox and iCloud. To them, it's a way to send files in a matter of minutes without having to bother the IT department. But in reality, it's a recipe for disaster and a data security nightmare.
Employees aren't the only problem. A recent survey by DataMotion found that nearly 35% of IT and business managers admit that they've actually used or recommended that others use free consumer-type, file transfer services for work purposes.
This is a major problem that needs to be addressed. Free services disrupt any semblance of centralized IT control, as there is no way to track and manage files sent via these solutions. These tools often have weak or non-existent security controls, which introduce serious risks when transmitting sensitive information. This can lead to data leakage, compliance fines, legal liabilities and a tarnished reputation. Need proof of the security issues surrounding these services? Dropbox recently confirmed that usernames and passwords stolen from third party websites were used to access its customers' accounts.
What Can Be Done?
To avoid putting their infrastructure at risk, some companies are banning consumer-type, file-transfer services in the workplace altogether. In fact, nearly 42% of DataMotion's survey respondents stated that their company forbids the use of these services in the workplace, and nearly 30% said their company even goes so far as to block the sites' URLs.
But, IT must offer employees viable, easy-to-use alternatives or frustrated workers will continue to find workarounds. Luckily, there are data delivery solutions that help employees transmit information quickly and easily through secure channels, while still providing IT staff with visibility and control over this data.
Here is a brief, yet important, checklist of product features to consider when evaluating data delivery offerings for your organization. Make sure the solution:
- Offers Simplicity - If the product is not intuitive and easy-to-use for both senders and recipients, not only will the IT support burden increase, but, employees will find alternative, insecure ways to send their data. The best security does no good if it is not used.
- Provides Flexibility - Going back to BYOD, employees are sending just as many emails via their mobile devices as they are on their computers. Consider a data delivery solution that integrates with mobile devices, so security and compliance controls are enforced no matter how - or on what device - data is sent. Solutions that do so natively (without the need to launch an application) make it easy for the employee to follow policy.
- Prioritizes Security - The ability to easily send sensitive information securely is vital. Make sure your data delivery solution encrypts data while it's in transit and at every "hop" where it's stored along the way. It's also important to ensure the solution's delivery methods adhere to your own internal - as well as industry - security and compliance regulations.
- Gives Control to the IT department - A solid solution will provide IT with centralized control, the ability to easily provision/de-provision users, and track and monitor all data transfers, including file names, sender and recipient IDs, timestamps, completion status notifications and other important metadata.
- Delivers ROI - Consider the difference between on-premise and cloud-based solutions. Cloud solutions often offer lower total cost of ownership (TCO) because of significant cost savings in hardware, OS licenses, staffing and disaster recovery. Additionally, because up-front costs are minimal and the solution can be up and running quickly, cloud solutions provide companies with a quick return on investment. Just remember to make sure your cloud provider upholds or exceeds the same security and compliance standards that you follow.
With data breaches more prevalent than ever, industry regulations rapidly expanding, and Big Data becoming the norm, companies must re-evaluate their methods of data sharing. Choosing a solution that encompasses the features outlined in this checklist will put you well on your way to protecting sensitive information and staying ahead of the competition. And pairing this with employee education and awareness will help you gain control back from the "wild west" of rogue application use.
It’s been proven time and time again that in tech, diversity drives greater innovation, better team productivity and greater profits and market share. So what can we do in our DevOps teams to embrace diversity and help transform the culture of development and operations into a true “DevOps” team? In her session at DevOps Summit, Stefana Muller, Director, Product Management – Continuous Delivery at CA Technologies, answered that question citing examples, showing how to create opportunities for ...
Aug. 30, 2015 01:00 AM EDT Reads: 473
Whether you like it or not, DevOps is on track for a remarkable alliance with security. The SEC didn’t approve the merger. And your boss hasn’t heard anything about it. Yet, this unruly triumvirate will soon dominate and deliver DevSecOps faster, cheaper, better, and on an unprecedented scale. In his session at DevOps Summit, Frank Bunger, VP of Customer Success at ScriptRock, will discuss how this cathartic moment will propel the DevOps movement from such stuff as dreams are made on to a prac...
Aug. 30, 2015 01:00 AM EDT Reads: 207
SYS-CON Events announced today that DataClear Inc. will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The DataClear ‘BlackBox’ is the only solution that moves your PC, browsing and data out of the United States and away from prying (and spying) eyes. Its solution automatically builds you a clean, on-demand, virus free, new virtual cloud based PC outside of the United States, and wipes it clean...
Aug. 29, 2015 07:15 PM EDT Reads: 374
In his session at 17th Cloud Expo, Ernest Mueller, Product Manager at Idera, will explain the best practices and lessons learned for tracking and optimizing costs while delivering a cloud-hosted service. He will describe a DevOps approach where the applications and systems work together to track usage, model costs in a granular fashion, and make smart decisions at runtime to minimize costs. The trickier parts covered include triggering off the right metrics; balancing resilience and redundancy ...
Aug. 29, 2015 05:00 PM EDT Reads: 173
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ab...
Aug. 29, 2015 04:00 PM EDT Reads: 330
Several years ago, I was a developer in a travel reservation aggregator. Our mission was to pull flight and hotel data from a bunch of cryptic reservation platforms, and provide it to other companies via an API library - for a fee. That was before companies like Expedia standardized such things. We started with simple methods like getFlightLeg() or addPassengerName(), each performing a small, well-understood function. But our customers wanted bigger, more encompassing services that would "do ...
Aug. 29, 2015 03:00 PM EDT Reads: 224
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advance...
Aug. 29, 2015 11:00 AM EDT Reads: 256
What does “big enough” mean? It’s sometimes useful to argue by reductio ad absurdum. Hello, world doesn’t need to be broken down into smaller services. At the other extreme, building a monolithic enterprise resource planning (ERP) system is just asking for trouble: it’s too big, and it needs to be decomposed.
Aug. 29, 2015 10:00 AM EDT Reads: 337
Early in my DevOps Journey, I was introduced to a book of great significance circulating within the Web Operations industry titled The Phoenix Project. (You can read our review of Gene’s book, if interested.) Written as a novel and loosely based on many of the same principles explored in The Goal, this book has been read and referenced by many who have adopted DevOps into their continuous improvement and software delivery processes around the world. As I began planning my travel schedule last...
Aug. 29, 2015 10:00 AM EDT Reads: 510
Docker containerization is increasingly being used in production environments. How can these environments best be monitored? Monitoring Docker containers as if they are lightweight virtual machines (i.e., monitoring the host from within the container), with all the common metrics that can be captured from an operating system, is an insufficient approach. Docker containers can’t be treated as lightweight virtual machines; they must be treated as what they are: isolated processes running on hosts....
Aug. 29, 2015 10:00 AM EDT Reads: 129
SYS-CON Events announced today that G2G3 will exhibit at SYS-CON's @DevOpsSummit Silicon Valley, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Based on a collective appreciation for user experience, design, and technology, G2G3 is uniquely qualified and motivated to redefine how organizations and people engage in an increasingly digital world.
Aug. 29, 2015 09:30 AM EDT Reads: 440
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Aug. 29, 2015 09:30 AM EDT Reads: 855
Introducing Containers & Microservices Bootcamp at @CloudExpo Silicon Valley | #Containers #Microservices
SYS-CON Events announced today the Containers & Microservices Bootcamp, being held November 3-4, 2015, in conjunction with 17th Cloud Expo, @ThingsExpo, and @DevOpsSummit at the Santa Clara Convention Center in Santa Clara, CA. This is your chance to get started with the latest technology in the industry. Combined with real-world scenarios and use cases, the Containers and Microservices Bootcamp, led by Janakiram MSV, a Microsoft Regional Director, will include presentations as well as hands-on...
Aug. 29, 2015 09:15 AM EDT Reads: 245
The pricing of tools or licenses for log aggregation can have a significant effect on organizational culture and the collaboration between Dev and Ops teams. Modern tools for log aggregation (of which Logentries is one example) can be hugely enabling for DevOps approaches to building and operating business-critical software systems. However, the pricing of an aggregated logging solution can affect the adoption of modern logging techniques, as well as organizational capabilities and cross-team ...
Aug. 29, 2015 08:30 AM EDT Reads: 370
In today's digital world, change is the one constant. Disruptive innovations like cloud, mobility, social media, and the Internet of Things have reshaped the market and set new standards in customer expectations. To remain competitive, businesses must tap the potential of emerging technologies and markets through the rapid release of new products and services. However, the rigid and siloed structures of traditional IT platforms and processes are slowing them down – resulting in lengthy delivery ...
Aug. 29, 2015 07:45 AM EDT Reads: 561
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, discussed why containers should be paired with new architectural practices such as microservices rathe...
Aug. 29, 2015 06:00 AM EDT Reads: 384
Any Ops team trying to support a company in today’s cloud-connected world knows that a new way of thinking is required – one just as dramatic than the shift from Ops to DevOps. The diversity of modern operations requires teams to focus their impact on breadth vs. depth. In his session at DevOps Summit, Adam Serediuk, Director of Operations at xMatters, Inc., will discuss the strategic requirements of evolving from Ops to DevOps, and why modern Operations has begun leveraging the “NoOps” approa...
Aug. 29, 2015 05:30 AM EDT Reads: 356
Puppet Labs has announced the next major update to its flagship product: Puppet Enterprise 2015.2. This release includes new features providing DevOps teams with clarity, simplicity and additional management capabilities, including an all-new user interface, an interactive graph for visualizing infrastructure code, a new unified agent and broader infrastructure support.
Aug. 29, 2015 03:00 AM EDT Reads: 486
DevOps has traditionally played important roles in development and IT operations, but the practice is quickly becoming core to other business functions such as customer success, business intelligence, and marketing analytics. Modern marketers today are driven by data and rely on many different analytics tools. They need DevOps engineers in general and server log data specifically to do their jobs well. Here’s why: Server log files contain the only data that is completely full and accurate in th...
Aug. 29, 2015 12:15 AM EDT Reads: 347
The Microservices architectural pattern promises increased DevOps agility and can help enable continuous delivery of software. This session is for developers who are transforming existing applications to cloud-native applications, or creating new microservices style applications. In his session at DevOps Summit, Jim Bugwadia, CEO of Nirmata, will introduce best practices, patterns, challenges, and solutions for the development and operations of microservices style applications. He will discuss ...
Aug. 27, 2015 02:15 PM EDT Reads: 511