Last Friday I was on a Call with Ty Lim (VP of marketing at Druva). We discussed his company and its vision and then, once again I got the confirmation that in modern organizations, controlling devices is less important than managing and controlling data.
You know, the enterprise is broadly distributed now (we can even use the term “dispersed” in some cases): the mobile work force counts for the majority of the users. The number of devices is dramatically growing (3 devices per employee is often the new minimum) and Remote Offices need to be managed in one way or another.
That’s not all. We are all seeing phenomenons like BYOD as well as the rise of the Mac in the enterprise. This actually means a growing number of different device types to manage and control.
At the same time, users want to relive the same experience they live at home with consumer-grade cloud services like dropbox… and often they bring their own cloud to work. BYOC, if I can call it that way, is even worse than BYOD: the enterprise immediately loses control of its data and security risks are huge.
Content creation workflows have slightly changed as well: during the day, users continuously jump from device to device, and they expect to have transparent instant access to the same (synchronized) data from different places. They also work offline sometimes and they want to be sure about the version of the document they are working on.
In this ongoing scenario, without the right approach, costs and risks grow exponentially and are all related to data losses, misusage and thefts.
Device management is a partial solution
Devices are mere tools with which to do your job, while data are where value resides: in other words, data are the lowest common denominator.
From the enterprise standpoint, losing a device is not a major problem or cost but losing its content could be painful. For that reason, since millions of devices are lost or stolen every year, the protection of the content of any device that belongs to your organization is priority, while devices themselves are expendable.
Furthermore, when the device isn’t a company asset, you don’t want/have to manage the entire content but only enterprise sensitive data.
I could agree that in some particular cases, having full control of the device is important but, again, in this case you also need a complementary solution to manage data.
From this point of view, managing each single device can be very costly and at the end of the day, it doesn’t cover all possible scenarios (think, for example, about protecting Remote Offices).
Data management is the key
If you look at the problem not only from the mobile device point of view, but from an enterprise broad standpoint, you need to concentrate your efforts on managing, protecting and controlling data.
1) Consolidation is the first step. This makes it easier to get a complete view of what you have and how to protect it. Consolidation also resolves the problem of synchronization and protection of local/remote sites, while limiting operational expenses (Opex).
2) Build a consistent and secure access layer. A set of gateways and services (like sync&share for example) can easily enable a secure and controlled access for the users. Active Directory is already in place in most organizations and it should always be used to authenticate users on mobile devices too. At the same time most sophisticated products provide secure mechanisms to invalidate or wipe out data and caches stored on remote devices if necessary.
3) Only for larger organizations. The first two points ease the development and deployment of a whole family of solutions ranging from auditing to data classification, compliance, and so on.
Why it is important for you
I have my ideas on how to implement what I described above but I won’t bother you again with object and private cloud storage memes. 😉
On the contrary, Druva (a company focused on smart data protection solutions for mobile devices and remote offices), mentioned at the beginning of the article, has a totally different approach and it’s more focused on dealing with traditional infrastructures to get (sometimes) similar results.
In any case, we all need to focus on the fact that traditional approaches to data storage and management are no longer sustainable and, sooner or later, most of the enterprises will need to revise their strategy about it.