Companies: Say No to Consumer-Level File Sharing (Part 2)

Merging IT and end user groups illustration

In “Just Say No” Part 1 we talked about Dropbox and why it’s not ready for prime time in the enterprise. In Part 2 we’ll talk about what file share products are ready for prime time.

Business/enterprise level ESS (enterprise sync and share) needs to make two groups of people happy, even though those two groups sometimes have opposite ideas of happiness.

Group 1: End Users

They want file sharing that is simple, that works, and that does not cost them anything. Dropbox fulfills all their needs so why should they switch, especially if they already own their own mobile device? The reason why is that employees do not, in fact, own their company’s data. They may own their own devices and personal data, but not company data. If a company allows a BYOD policy – and many of them do because it saves money – the company must respect that the end-user owns the device. At the same time, end-users must respect that they do not own their work data and the company has the right and responsibility to protect it.

Group 2: IT

This group is responsible for data security, availability and compliance. Frankly, that is quite impossible when mobile device users insist on using outside services to manage and store company data. IT’s response is often to require employees to use some form of mobile management, such as Mobile Device Management (MDM) and Mobile Application Management (MAM).

MDM controls employee mobile devices. When we talk about managing BYOD for security this is usually what we mean. MDM features include locking, wiping, and policies to manage applications and data downloaded to client devices. MAM controls the business applications running on mobile devices, usually a password-protected application suite for authorized users and devices. Security policies like remote wiping usually only affect the encapsulated applications and data, but not always.

In both cases, IT loads the technology onto mobile devices including personal ones. As you can imagine, this does not go over terribly well with device owners, but is a real necessity in highly regulated industries. The alternative solution, of course, is to issue employees mobile devices and require that they be kept separate from personal ones – also a difficult course to manage.

Getting the Groups Together

But what if all the hapless end-user wants is to share some files, especially between his or her own personal devices? And what if IT is willing to let them do that as long as IT retains control over corporate data?

There’s an app for that: enterprise sync and share, or ESS. The five success factors in introducing ESS into the organization are:

  1. Usability. Employees will simply not use a complicated file sharing or security application on their own personal device. IT must be sure that the end-user interface is as simple and non-intrusive as Dropbox. When the end-users switch to using this simple application instead, they don’t notice much difference – but IT does, because mobile company data is now stored in company repositories.
  2. High scalability. Workgroup versions of file sharing products may be perfectly adequate for, well, workgroups. But company-wide file sharing products with central management consoles need to have enterprise scalability. This means serving tens of thousands of files, hundreds to thousands of users, and multiple devices per user. Licensing and purchasing must also be cost-effective as the number of users grows. Any ESS worth its salt will do this; watch out for the ones that say they are enterprise level but are not this scalable.
  3. Control. Centralized control is the big distinction between consumer and the enterprise products. Some consumer products have added rudimentary management capabilities but not on the scale that the enterprise needs. Basic control features include user access control MS Active Directory (AD) integration, lets IT set permissions and access controls on shared data. Another critical feature is storing mobile data in a company-owned network or cloud repository for central data management.
  4. Security. ESS protects file integrity with locking and versioning, and lets IT secure files through a central management console. IT can set and enforce security policies, practice user and role-based access control, and audit device and user network access.
  5. Compliance. Consumer-level file sharing is a prime offender against compliance. The ability to safeguard files is critical in highly regulated industries like financial, healthcare, government, and more. Consequences can range from IT annoyance all the way up to steep fines and legal sanctions., and an employee firing or two. IT needs to produce audit trails and activity logs for governance, including versioning records, and to prove that company data remains under IT control even with personal devices.

The upshot?

  • Dropbox is fine for consumers, but employees sharing company data on mobile devices are no longer just consumers.
  • When choosing an ESS product, IT has to take usability into account, or employees simply will not use it.
  • The ESS product should be IT-friendly too, with simplified management consoles.
  • IT must be able to enable user file sharing while retaining user access control, data security and compliance, and centralized data repositories.