Rogue IT: The Need for a Consumer-Grade Experience with Enterprise-Grade Security

The rise of the cloud and bring your own device (BYOD) have changed the enterprise paradigm completely, and IT departments that aren't keeping up with new user demands are losing control.

Each new generation of products brings with it a new set of challenges. The ubiquity of cloud services and the growing capabilities of mobile devices (i.e., sensors ã?? GPS, accelerometers, NFC, image recognition) is truly enabling the anytime, anywhere enterprise for the first time. Business now takes place 24/7, and there is simply no way to quiet the incessant ringing of the anytime, anyplace enterprise bell.

Mobile devices have saturated the enterprise via BYO programs. According to Gartner, more than 60 percent of organisations already have such programs in place, while a meagre 10 percent of organisations claim they will never have BYO programs. Itã??s clear that employees increasingly want to use their mobile devices for work, and employers are realising that it is futile to try to stop it.

However, organisations are still struggling with getting the proper security in place. To try to minimise risk, they only provide employees access to email, calendaring and contacts via enterprise apps. But employees want to do real work, so they are turning to unsanctioned (or rogue) consumer apps in droves ã?? self-selecting the tools they want to use. Mobile workers need access to documents on every device they own, and they need to be able to reach and collaborate with colleagues in real-time. Letã??s face it: There is absolutely no way the 200 million Dropbox users out there are using it solely for personal files.

To quote Kranzbergã??s First Law: ã??Technology is not positive nor negative, nor is it neutral.ã?쳌 We have the power to use technology wisely or not. Cloud services and the BYOD phenomenon are simply enterprisesã?? newest challenges.

The Real Risk of Rogue IT

Todayã??s mobile workforce demands new ways to get work done, and they go outside of approved IT standards/applications to do it. In fact, our recent study found that 41 percent of US mobile business users have used unsanctioned services such as Dropbox or Google Docs to share or sync files, despite 87 percent saying they are aware that their company has an explicit document sharing policy prohibiting this practice.

Donã??t believe your employees would do it? We recently led an industry initiative that sought first-hand business and IT leadersã?? feedback on the top shadow/rogue IT challenges faced by their organisations ã?? critical issues related to the informal, ad hoc software and devices brought by employees into the workplace.

Quite simply, companies that donã??t support the changing needs of their mobile workforce will inevitably cause their employees to go rogue. Tapping unsecure consumer apps while using/sharing business information, employees will (often unknowingly) put their companies at risk of major data breaches, loss of valuable data and company IP, and potentially large financial losses. The business risks of unsanctioned consumer apps are real: data leakage, loss of control over corporate assets, and a general lapse in governance and compliance. Issues like privacy, data ownership and liability, and mobile device rights all have huge implications as well.

Shaking Things Up

As IT leaders move beyond information plumbing/infrastructure and become more business-savvy, they will come to realise the need to help organisations adopt the most appropriate technology to run the business. Given the enormous implications of BYO programs for employees and businesses alike, IT needs to focus on minimising associated risks to ensure these programs donã??t escalate into ã??Bring Your Own Disasterã?? horror stories.

One way to do this is to supply tools that interoperate, while accounting for governance and data leakage concerns. Forward-thinking IT leaders are embracing the behaviours of rogue IT ã?? namely employeesã?? desire to choose their own work tools ã?? and providing safe alternatives to popular rogue services.

Organisations also need to be crystal clear about mobile device usage boundaries, just as employees should carefully evaluate how much they want to merge their personal and professional mobile identities. No one wants to think about their company wiping out their personal data or commandeering their beloved mobile number, but it can happen.

Because of these concerns, BYOD will soon morph into CYOD (Choose Your Own Device). Organisations will own the device but let employees use them partially for private use ã?? similar to what they have been doing with laptops for years. While this will solve many issues, including the ownership of a mobile phone number when an employee leaves, companies still need to rethink the way they approach mobile collaboration as a whole.

For example, many companies have already spent millions on using Microsoft SharePoint for document management. Itã??s considered safe and provides the required governance and compliance. So why arenã??t more companies offering employees a Dropbox-like SharePoint mobile app? Employees would undoubtedly appreciate the ease-of-use, and businesses would benefit from increased security.

Turning Risk Into Reward

If companies provided user-friendly solutions for enterprise tools, employees would use the ITã??sanctioned resource, and it would surely be a winã??win. Mobile workers need all of the powerful mobile tools their companies use in a single-screen, full-context app to easily get work done and reap the rewards of team collaboration on the fly.

The key takeaway? Employees need a consumer-grade experience with enterprise-grade security. Until this happens, end users will continue to bypass IT.

This article was written by David Lavenda, VP of Product Strategy,