what you should know about file sync-and-share workloads

1 downloads 188 Views 2MB Size Report
mobile devices—in the cloud at affordable prices has resulted in a spike in FSS adoption in enterprise-class organizat
WHAT YOU SHOULD KNOW ABOUT FILE SYNC-AND-SHARE WORKLOADS CONTENTS: •

Enterprise Mobility Strategy and BYOD Policies



Endpoint Vulnerabilities and Challenges

• Conclusion

It’s hard to have a conversation about technology usage trends without hearing the term “consumerization of IT.” As tech-savvy business users increasingly look to take control of their IT environment, one of the most significant developments coming from the consumer technology space has been the dramatic rise in the use of cloud-based file sync-and-share (FSS) services. The ability for users to store, backup and retrieve work data—often from personal mobile devices—in the cloud at affordable prices has resulted in a spike in FSS adoption in enterprise-class organizations. Workers also are using FSS services as a collaboration resource that is easier to deploy and more reliable than legacy FTP sites. By late 2014, 68% of business users were storing work-related information in a personally managed FSS solution, according to Osterman Research.1 That research came with an important footnote: “Most of these tools are deployed by individuals without any sort of ‘blessing’ from their IT department,” according to the report.2 That lack of IT involvement and/or direct management is vitally important when it comes to protecting work-related data stored on non-PC endpoints such as tablets 1 “Improving the Security and Control of Your File Sync and Share Capabilities,” Osterman Research, October 2014 2 Osterman, Ibid

and smartphones. A recent study—sponsored by CommVault and conducted with IT professionals in TechTarget’s network of technology sites—said that most IT organizations are not responsible for backing up and ensuring recoverability of non-PC endpoints.3

Is IT responsible for backing up/recovering data from non-PC endpoints?

9% 27%

No Yes

64%

Unsure

Add in another data point from the TechTarget endpoint survey: 65% of respondents said cloud-based sync-andshare storage services were being used for work applications. Given the affordability of cloud-based FSS services and the ease of provisioning—typically without IT involvement or knowledge—it’s easy to see that data protection vulnerabilities often go hand-in-hand with FSS. One important reason why FSS is on the rise in business environments is users’ familiarity with consumer-class FSS services for their personal data such as photos and music. But storing MP3 files and JPEGs in the cloud doesn’t carry the same level of risk and significant downside as storing corporate data. There are potentially huge legal, regulatory, financial and competitive risks in using cloud-based FSS in work environments, especially when IT oversight and proper data governance are missing. The challenge of adhering to best practices and governance policies spanning compliance, e-discovery and security cannot be overstated, especially in highly regulated industries such as financial services and healthcare. “Corporate IT faces a tremendous challenge from any FSS app that does not satisfy enterprise requirements for data protection and IT control over corporate content,” according to Michael Osterman, president of Osterman Research. “Until IT can once again regain control of their data, they risk serious regulatory, governance and security issues.”4

The Challenges of Consumer-Grade FSS There are two certainties that IT professionals need to keep in mind about consumer-grade file-sync-andshare services:

3 “Changing Face of Mobility Raises the Stakes for Endpoint Data Protection,” CommVault, February 2015 4 “File Sync and Share Fraught with Security, Governance and Control Issues,” Storage Newsletter, July 2013

2

First, it is highly likely that your employees are subscribing to FSS solutions and are using them to store corporate data without your knowledge. This also extends to participants in your virtual workforce ecosystem, such as contractors, temporary workers and trading partners that have access to data on your side of the firewall. Results from the TechTarget/CommVault survey point out how widespread and diverse FSS adoption is throughout enterprises:

Which of the following sync-and-share storage services does your IT organization allow/support for work applications? Google Drive

35%

Dropbox

32%

iCloud

22%

OneDrive

22% 17%

Box

16%

AWS Storage

4%

SugarSync

36%

Other 0%

10%

20%

30%

40%

Second, even the best FSS services usually lack sufficient data governance and security features to be considered truly “enterprise-class” solutions. That means there is a high likelihood that your corporate data is at risk—perhaps at very high levels of risk.

3

While each organization’s risk profile naturally is unique and is shaped by a wide variety of factors, there are some common aspects to FSS risks, including: • FSS services aren’t an endpoint backup solution. Corporate data stored with outside parties is dependent on the security and reliability of third-party systems. If IT is not backing up that data and there is an issue with the FSS service, the data will be lost. • Problems meeting e-discovery requirements. Organizations must have real-time, reliable access to content that must be produced in the event of legal actions. Lack of IT oversight into data stored on FSS services can seriously undermine e-discovery compliance. • Malicious activities by employees and ex-employees. It doesn’t take much for proprietary information—customer records, new product plans, private patient information, credit card passwords and more—to be accessed by disgruntled employees and former workers. Keep in mind that one of the big challenges with FSS services is that employees often retain access to corporate data and services even after they leave an employer. For instance, Osterman Research notes that 84% of Dropbox users polled in a recent research survey said they still had access to systems used with a previous employer.5 • Compliance and regulatory violations. Compliance problems can create expensive, high profile headaches, and IT organizations are tasked with the responsibility of ensuring compliance. FSS services managed by users, rather than by IT, typically lack sufficient regulatory oversight measures. Of course, these are just a few of the many vulnerabilities organizations face when FSS services are used by employees to access, store and share corporate information without IT knowledge and/or management. Other potential drawbacks include scalability problems as more information is accessed by users; performance degradation caused by more and more users requesting access to data and services without proper ways to address storage latency, network bandwidth and database availability; and data management and administration that lacks a single, cohesive and comprehensive view of the location and status of all data.

Defining FSS Endpoint Data Protection Solutions for FSS Usage Defining the “ideal” endpoint data protection solution that supports FSS usage by employees means taking a holistic view of how FSS services are used in the enterprise, what risks must be addressed and how FSS support can be seamlessly integrated into a comprehensive enterprise data protection framework. Simply bolting some security features and governance policies onto FSS services isn’t sufficient to ensure true enterprise-grade data protection.

5 “Improving the security and control of your file sync and share capabilities,” Osterman Research, October 2014

4

One choice organizations should avoid in addressing this problem is unilaterally preventing employees from utilizing FSS services. Not only are FSS services extremely popular with users because of their ease of use, fast onboarding and support for collaboration functions, but FSS services—when properly managed by IT departments for such issues as information governance, compliance and security—can be a cost-efficient adjunct to on-premises storage management. Instead, organizations should consider the following requirements for an enterprise environment that supports FSS: 1. Make it easy to use. Remember that one of the most important features of FSS services is the userfriendly interface and quick deployment. Look for a tool that combines the functionality, security and scalability required for an enterprise solution with the ease of use of a consumer-class FSS. 2. Account for governance policies and best practices. The often-unexpected appearance of FSS services on IT’s radar means that they should conform to each organization’s own governance requirements. This is very difficult to do by just building governance policies on top of FSS implementations; instead, find a tool that seamlessly integrates those policies into FSS as a standard feature set—one that automatically evolves as the governance policies themselves change over time. 3. FSS integration into endpoint data protection solutions needs to be an IT responsibility. However, this needs to be done without putting undue management and administrative responsibilities on an already-stretched IT team. Look for a tool with a high degree of automation that aligns not only with information governance, compliance and security requirements, but also is in sync with the organization’s business rules to avoid confusion, duplication of efforts and the need for new software programming. 4. Make security paramount. Integrating FSS into enterprise data protection requires a heightened level of security to allow for secure file and folder sharing. Data needs to be protected in a repositorytype setting or “store” in order to both protect FSS-based data and to ensure discoverability for compliance and e-discovery requirements. 5. Keep your options open. Remember that users have migrated to FSS to increase productivity, so be sure your solution supports a wide range of devices and third-party applications. Look for a solution that is not limited to a specific platform or ecosystem, but that offers the same features and user experience across all devices.

5

Considering your options: CommVault Endpoint Data Protection IT organizations looking for innovative yet simple to use and easily deployable solutions that integrate endpoint data protection and FSS services may consider several vendors’ offerings. However, the increasingly sensitive nature of endpoint data protection means they should give strongest consideration to reliable, market-proven vendors with both a strong foundation in data protection and a keen understanding of how it is impacted by consumerization of IT trends such as BYOD and FSS. CommVault is a long-established leader in data management solutions with its flagship Simpana solution. Now, CommVault Endpoint Data Protection software—a key component of the Simpana software platform— helps support organizations’ desire to integrate increased use of mobile endpoints with FSS solutions that improve user productivity. CommVault Endpoint Data Protection is an enterprise-class solution, enabling organizations to centrally manage endpoint data protection, while supporting users’ file sharing requirements. It increases end user collaboration and productivity by allowing users to securely share files across internal and external teams. By coordinating all management functions into a single pane of glass, CommVault file sharing significantly eases the management burden on IT organizations, making it much easier for IT departments to take ownership of data protection in FSS environments. An intuitive Web interface, along with a mobile app, delivers the user experience employees have come to expect from consumer-class FSS services—only now with enterprise-class protection, performance and scalability. The software also gives organizations deployment flexibility by enabling on-premises, cloud or hybrid architectures. With CommVault Endpoint Data Protection, IT organizations can use customized policies to manage user permissions in order to ensure proper information governance and reduce risks normally associated with consumer-class FSS services.

Conclusion File sync-and-share services have quickly become a popular and widely deployed way for users to access, store and share business data. Unfortunately, many of those services were designed for consumer and individual use in mind, rather than for enterprise applications. As a result, as FSS becomes more widely adopted, it has opened up a Pandora’s box for security and data loss challenges because those services are rarely managed by—or even visible to—IT departments. As a result, organizations are looking to strike an important balance between empowering users to take advantage of FSS for collaboration and creating important safeguards to protect the organization against a wide range of potentially devastating outcomes.

6

More and more often, IT organizations are adopting enterprise data protection solutions that combine traditional endpoint security and data loss prevention with FSS capabilities for greater visibility into the location, accessibility, behavior and protection of data. As organizations increasingly embrace new mobile devices and modern enterprise computing paradigms such as BYOD and FSS, they are seeking holistic solutions to securely and effectively manage their data environments. CommVault, through its Endpoint Data Protection solution, is a leader in supporting the twin needs of greater IT visibility and control of file sharing and employee flexibility in using those services. CommVault’s long history of data protection, combined with its emphasis on the new mobility paradigm, makes it an excellent choice for IT organizations looking for solutions that enhance data protection without impacting employees’ need for self-service and increased collaboration. For more information on CommVault’s endpoint data protection and file sharing solutions, go to www.commvault.com/solutions/endpoint-data-protection.

7