Almost every laptop I see has Dropbox installed on it. It’s easy to use, relatively inexpensive, and works 99% of the time. Users love it, but Dropbox does have its problems. First, it removes data out from under the control of organizational IT. It may be the number one cause of data leakage in an organization. Second, if Dropbox, the company, is asked to deliver your data under court order it probably will. Organizations can’t allow the use of services like Dropbox to be the unspoken standard of data synchronization and collaboration. It simply places too much data at risk.
The problem is that users have spoken. Our mobile workforce legitimately needs the capabilities that services like Dropbox provide. As a result the first step to beating Dropbox is to implement an enterprise file sync and share solution. But that solution needs to meet or exceed the Dropbox experience without compromising IT requirements. If, and that remains a big if, the enterprise file sync and share solution can provide a better service for users, then there is a second step that’s even more rarely taken, the deployment of a monitoring tool to make sure that Dropbox or some other consumer grade file sync and share solution is not implemented.
The Requirements For Enterprise File Sync and Share
As mentioned, the first requirement for enterprise file sync and share is to provide an experience that meets or exceeds Dropbox. All we can say here is “good luck”. First, from a usability perspective, Dropbox is that good and most enterprise file sync and share solutions are that bad. It’s a given that enterprise file sync and share has a more challenging job delivering a solid user experience because of the security and control requirements. The good news is that there are a few vendors that have reached parity with Dropbox in terms of usability.
If the user experience of Dropbox can be met, then the next step is to make sure the data is secure. There are several ways to do this. The first option is to make sure that all data is stored inside the data center and the solution only uses the Internet for data transfer instead of storage. While this places responsibility on IT to maintain availability it provides the ultimate in security, control and protection.
Another method is to securely leverage cloud storage which removes the requirement of IT maintaining the storage infrastructure. This can be done by using a file server as a service technology in which the cloud stores all data and then caches the appropriate data to each location or device. To maintain security it is important that the organization maintain ownership of the encryption keys. If the organization does not own the keys they are leaving themselves open to exposure by the provider.
An aspect that is often overlooked is control over what data is synced to which devices. Clearly an organization does not want all of its data synced to a user’s laptop, but instead, only the data that they have access to and are likely to need. In the enterprise use case an intelligent caching technique may be more appropriate than a synchronization technique.
The enterprise solution needs to provide control over what data is shared and with whom. Sharing data for collaborative efforts is now an expected capability but the enterprise software should at least report on whom data is being shared with and block sharing with unwanted domains.
“Sharing” should also mean external partners can “share into” the solution. For example, if an external partner creates a video and wants to send it to someone within the organization for review, an employee should be able to create an inbox of sorts for data to be sent to.
Finally, the enterprise file sync and share solution should provide the ability to remotely wipe a device. This protects against both a stolen device and an employee departure. But that remote wipe should honor the bring your own device (BYOD) initiative that many organizations have embraced. The remote wipe should only wipe corporate data shares from the laptop in question leaving personal user data intact.
Enforcement is an area where almost every organization we talk to falls short. After going through all the work of implementing an enterprise file sync and share solution they don’t then make sure that other solutions (especially consumer solutions) aren’t deployed. Often this happens because the sharing part of the enterprise file sync and share is not very good. This leads to an employee “temporarily” deploying Dropbox to allow a business partner to send data.
Enforcement should be a solution that scans for a variety of online application services to make sure that they are not deployed anywhere in the environment. It should provide a dashboard type of display that reveals this information.
Deploying an enterprise file sync and share has immediate benefits for the enterprise. Given the popularity of Dropbox all IT can hope for is a draw when it comes to users preferring the enterprise solution, at least until enterprise solutions nail the user experience. But again, there are enterprise file sync and share solutions that can get the organization to parity. The most important next step is enforcement, find a solution that makes sure that only the enterprise solution is deployed. Once complete IT can rest easy knowing that corporate data assets are once again protected and secure.