Protecting enterprise data without locking it away

By Paul Hampton, Product Marketing Director at Alfresco
Published: 2 February 2017

The phenomenon of shadow IT is now ubiquitous and persistent. Employees will use their own tools to carry out work if IT departments cannot give them the support they need, when they need it.  Gartner recently noted that by 2020, a third of successful network attacks experienced by enterprises will be on their shadow IT resources.

When it comes to collaboration in particular, shadow IT has run rampant. In fact, 70% of global businesses’ employees are using their own personal collaboration tools, a figure that will undoubtedly increase with the growing use of mobile devices in the enterprise and the flat year-over-year spending on IT upgrades at many companies.
Organisations are therefore left with the challenge of protecting business critical content, at the same time as improving workflow practices for employees. Locking content behind the corporate firewall is no longer a viable solution. Mobile workers struggle with VPN issues, and external partners don’t have access to the information they need to collaborate effectively. The concept of a database as a single repository becomes a challenge, as there is no longer centralised management or visibility with fragmented content stored on multiple unsanctioned devices.

File-sync and share solutions are a big cause of content chaos. While they provide immediate relief for employees requiring fast access to content, they invite risk, particularly when the employees leave the business.  The content they shared using their own consumer drive may never be recovered. Or if a shared Dropbox account gets compromised and files include customer data, the employee or his company could be in legal hot water. Alternatively, an employee looking for a workaround could send proprietary data to a personal email account, or a consumer cloud storage repository, before downloading it to a mobile device.

While seemingly harmless, your organisation’s data has now been scattered. This places a company’s intellectual property at risk and could cost millions of pounds, whether from lawsuits or lost brand reputation. Without any policies in place, or tracking by IT departments, these rogue pieces of content can become ticking content time bombs.

However, managing the complexity of corporate content is no easy task. Information is an organisation’s most important asset but also its greatest threat. New mobile and connected devices, lenient BYOD policies, the proliferation of cloud and mobile productivity apps, and flexible, mobile working styles are just a few of the challenges. Where content lives, and how it is used, is changing the way companies create, share and secure files.

Many IT departments try to rein in the content chaos and manage security by blocking access. But not all content is created equal, and no single policy will apply to all information. In the first instance, enterprises need to understand how to classify their content. This could be public, confidential or restricted, by which order can then be created as a result of having relevant policies in place for each categorisation.  This could be made possible and automated with a content management system, running either on-premises or in the cloud. 

Such systems also provide comprehensive security and administration features, which empower employees to put their content to its most efficient use, because information is readily available no matter where it’s stored. All without the fear of risk. As a content management system manages and synchronises content across cloud and on-premises repositories, and has the capabilities to integrate with a range of mobile platforms and applications – allowing it to encompass a multitude of devices beyond the enterprise firewall. 

Other benefits include the ability to authenticate users, classify, or merge similar content artefacts from multiple sources into a single comprehensive view. As well as “context around content,” adding elements such as comments, preferences, geo-location data, and unique attributes such as a customer name or invoice number. Thus allowing content to be made easily available at the right time, to the right users, and within the right business applications. While simultaneously providing information governance and compliance.  This can be achieved by understanding where all corporate content is currently being stored, auditing this and defining retention policies – what needs to be kept, for what purpose, who needs access and for how long. Importantly, deleting content once it has outlived its useful life. Here, the uncontrolled copying of content and employees saving files to personal file sync services can also be stopped.

With such practises in place and the ability to access, browse and share business content on either side of the enterprise firewall, employees no longer need to resort to risky workarounds. Instead they can gain immediate access to content that is the lifeblood of a company’s operations.