With the rise of industry buzzwords like ‘cloud’ and the bring your own device (BYOD) trend, it’s hard for small businesses to know where to turn to store their data and keep it secure.
Mike Kane, director of cloud and client software at Softchoice Corp., gave us a few pointers on how to use cloud responsibly in the workplace. All too often, he says, employees working for small to mid-sized businesses (SMBs) are happy to leverage the cloud and BYOD without fully understanding it.
We’ve rounded up three of his ideas on cloud and BYOD.
1. Adopt a solid plan for IT – and make sure your employees know about it.
While it may be tempting to adopt an extreme – either cutting off all access to cloud and BYOD, or allowing employees free rein in the workplace – neither approach will work, Kane says.
It’s an IT person’s job to protect his or her data, but to also do so while keeping end users’ wishes in mind, Kane says. And end users often do want the flexibility of being able to do work from home, or to use their preferred devices for work.
Although that translates into a balancing act, that’s something IT administrators need to accept with BYOD and cloud coming into the workplace, Kane says.
“A lot of times, an IT professional doesn’t know about the software as a service applications out there in his or her environment,” he says, adding it’s best to know what those are and then build out strategies and policies for employees to follow.
Still, unless employees are aware of these policies and are on board with them, they won’t follow them. That’s why it’s key to ensure everyone in a company understands who is liable for keeping company data secure, Kane says.
Often times, businesses and employees don’t seem to know who should be liable for proprietary data, like customers’ information. There’s no hard and fast rule, as both businesses and employees can both be found legally responsible by a court for not properly securing customer data.
But the best way to avoid a breach through misuse of a device or the cloud is by ensuring all employees understand that they can be held responsible, Kane says. That includes employees understand the rules before they download potentially malicious apps or lose a device somewhere. It also means encouraging them to read all the terms and conditions before they download software to their computers.
“What we find is, when somebody loses these devices, there’s some pretty critical information on them. And the other question is, are those devices encrypted, or is there any way to protect that information that’s being stored there?” he says.
“And if it’s not, what could happen if it fell into the wrong hands with that kind of proprietary information … it’s a challenge, because there’s nothing malicious here, right? They’re just trying to get the application in their environment.”
2. Have an exit strategy in place.
For SMBs, the cloud can present a very attractive option because there are few barriers to entry and the cost is low. But Kane cautions his customers about jumping into the cloud too enthusiastically, as that can present problems further down the road.
“The exit strategy is something not a lot of people look at it because it’s enterprise-grade technology and it’s so easy to obtain, there’s typically a very good end user experience,” he says. “So for all those reasons, the cloud is exploding. But … what happens when I want to move to a different cloud service provider, a lot of that is not thought through.”
For example, if a company wants to part ways with its cloud service provider, or it becomes acquired and needs to move its data, it can be difficult unless the company has mapped all of that out ahead of time.
And as cloud technology becomes more and more of an industry byword, in the future, Kane says he expects to see exit strategies become more of an issue.
3. If your business is too small to have a fully-fledged IT department to manage cloud and BYOD, consider getting a third party involved.
Many SMBs often have no idea what apps and third-party services employees are bringing into their corporate network. Softchoice offers an IT assessment for these companies, helping them figure out what should be blocked and what can be allowed in.
“The first thing we do is bring that visibility to them, like saying hey, did you know you have 50 users using Dropbox?” he says.
“We first bring that visibility to let them know what applications users are using everyday, and then we give them an option on what they want to do with that, to build out some strategies and policies once they have that information.”
In determining an SMB’s cloud and BYOD policies, the most important thing is to decide whether something is worth allowing in the workplace. Often times, the answer is yes, Kane says.
“People are collaborating more and more, and they’re able to be mobile on these devices. So it is extremely convenient to be able to access these apps on a mobile device. And in many cases, it’s also valuable, because end user productivity can increase,” he says.
Still, he says, it’s important for IT professionals to know what’s happening in their environment – and to have a plan prepared.
Check out Softchoice’s video on its cloud technology offerings: