Contact Us Menu
Categories: Product Tips

The Data Privacy Pit and the Enterprise File Services Pendulum

In 2015, it’s no secret that the rise in enterprise mobility, and the corresponding emergence of the cloud as a central point of services delivery, has changed the way organizations collaborate and store their business data. To enable this new era of mobile, cloud-connected worker – two technology categories have emerged to address the topics of user productivity:

  • Enterprise File Sync and Share (EFSS) tools offer a simple way to store and collaborate on data via the cloud across any collection of mobile and stationary computing devices.
  • Endpoint Backup ensures workers can protect and recover their data easily from the cloud.

With over 100 vendors in this new space of cloud-connected file services, IT managers are faced with an equal amount of challenges and choices as they decide on their data mobility and user productivity agenda. What’s more, as the market matures, we can witness decision making according to two distinct adoption waves that can be compared and measured in a remarkably short period of time.

Here’s a preview of their findings:

Wave 1: The ITification of the Consumerization of IT

The ITfication of Consumerization of ITMuch of the early adoption of these new file mobility and user productivity tools has been via hosted software-as-a-services offerings, where IT users would self-subscribe to consumer grade services just as they would with their own personal information, often without the approval or oversight from an enterprise IT organization. Much of this adoption happened virtually overnight, where unchecked consumer-grade file services have suddenly become a leading enterprise security threat and would rank among the most threatening applications running within an enterprise environment (search Fortinet’s threat database for “file” or “drive” for real-time examples).

In a response to the data security and privacy threats that were created by this consumerization-of-IT, IT managers would bring these services “into the fold” of corporate IT where EFSS and Endpoint Backup services would be connected into corporate domain services (a la Active Directory), sanctioned for broad use and even operated with various corporate data management and security systems (EMM, DLP, etc.)

THe ITfication of ITAnd then finally, with the basic security concerns covered – corporate IT managers were able to catch their breath and develop proactive, not reactive, file services strategies for their organizations… with the time needed to plan appropriately, the IT decisioning pendulum has swung.




Wave 2: Enterprise Control Over The Consumerization of IT

Now that the tactical response to enterprise file services has been made, organizations can now turn to developing long term strategies that mutually support an organization’s productivity and security requirements. There are several factors that play into the development of a cloud data services strategy, ranging from service functionality, to information governance to data sovereignty.  A leading IT analyst firm, The 451 Group, recently surveyed over 1,000 IT professionals about their use of EFSS tools within their environment. By comparing results from April 2014 and October 2014, The 451 Group was able to quantify the pendulum shift as nothing less than tectonic (download the report here).

To understand the magnitude of data privacy in the modern enterprise, let’s first look at the momentum:

451 report short blog


As shown, the proportionate demand for purely-public file services has decreased by 47% in only 5 months in favor of more private solutions that enable a greater level of security and data privacy which online services cannot fundamentally provide. Now that deploy-your-own solutions, such as CTERA’s Data Services Platform, have achieved enterprise validity and visibility, organizations are implementing company-wide, strategic agendas to take ultimate control of their data security and user productivity. Key criteria driving interest in private file services (as opposed to public services) include:

  • In-Firewall Services: classes of data must be stored within a company firewall to be compliant
  • Source-Based Encryption: secure organizations loathe the idea of sharing keys with 3rd parties
  • Data Sovereignty: an organization must be able to chose where regulated data resides

Today’s IT manager has more choice than ever.  Two axcioms have emerged to challenge the file services convention that I’d like to establish as the key takeaways for this discussion:

Acxiom #1: Private Cloud Does Not Only Mean Private Data Center
Virtual Private Clouds, such as Amazon’s VPC, IBM Softlayer Virtual Network and Verizon’s Virtual Private Cloud, enable organizations to leverage the cost and agility benefits of public cloud infrastructure while keeping the applications they run logically separated from other cloud tenants.  The availability of data services such as CTERA’s Enterprise File Sync and Share, Endpoint Backup and Cloud Storage Gateways make it possible to deliver consumer IT services entirely from within the firewall where you are the exclusive owner of your encryption keys.

Acxiom #2: To Govern All Data, All Use Cases Need to Be Addressed
We spent a good amount of time discussing EFSS only because it’s a hot market and a lightning rod for the privacy debate.  That said, a CIO can’t assert total information control, or awareness, without covering every aspect of user data creation, sharing and protection. To apply governance, IT managers need to deploy simple services that enable users to be productive so that they don’t store corporate data elsewhere – this applies to EFSS, backup and office file shares.  IT organizations can’t control the data without covering all of the use cases.

So… there you go.  All of life’s great questions have finally been answered.

Thanks for reading.

– jeff

Get New CTERA Blog Posts Delivered Directly to Your Inbox
Skip to content