More Related Content Similar to Embracing BYOD Similar to Embracing BYOD (20) More from Envision Technology Advisors More from Envision Technology Advisors (20) Embracing BYOD1. I D C T E C H N O L O G Y S P O T L I G H T
The Benefits of Unified Endpoint Data
Management in Embracing BYOD
October 2012
Adapted from Worldwide Storage in the Cloud 2011–2015 Forecast: The Expanding Role of Public Cloud
Storage Services by Laura DuBois, Richard Villars, and Brad Nisbet, IDC #232115
Sponsored by Druva
The "bring your own device" (BYOD) trend, which is part of the consumerization of IT phenomenon, is
having a significant impact on enterprise organizations as end users access critical corporate data on
their personal devices and increasingly use consumer-grade Web applications for work-related tasks.
Critical data is being jeopardized because it is often not being backed up on endpoint devices such
as laptops and smartphones. As these trends continue, regaining control of corporate assets,
especially those that consist of proprietary data, is becoming a major concern for IT organizations.
IT needs to ensure that all these endpoint devices are being regularly and consistently backed up by
providing solutions that are easy to use and unobtrusive and, as such, do not compromise the
end-user experience. Still emerging unified approaches to endpoint data management can address
many of the challenges that IT departments now face with respect to controlling and securing
consumer-driven applications and devices. File sharing and collaboration is another key area that can
benefit from unified data management. This Technology Spotlight examines the role that Druva's core
product offering, inSync, plays in this emerging market.
Introduction
The BYOD trend, which is part of the consumerization of IT phenomenon, is having a significant
impact on enterprise organizations as end users access critical corporate data on their personal
devices and increasingly use consumer-grade Web applications for work-related tasks. Both trends
create a range of challenges for IT departments, involving core issues such as data and device
security, data and system-level protection and recovery, and centralized control and activation of
corporate policies for how data on multiple devices is managed.
The BYOD phenomenon involves the proliferation of employee-owned endpoints such as laptops,
smartphones, and tablets. However, another important aspect of the consumerization of IT relates to the
increased use of cloud file sharing and sync services for collaborative purposes. As rich as these
resources can be, in many cases, workers access these consumer-grade Web applications and services
in a way that puts them outside the full control of centralized corporate IT administrators and policies.
These trends are generally making it difficult for IT to fulfill one of their most important responsibilities:
keeping enterprise data secure. Given the profound impact these trends are having on IT resources
in today's enterprises, a number of challenges have surfaced for IT managers. Critical corporate data
residing on a wide variety of end-user devices must be securely protected in a simple-to-administer,
nonintrusive manner. The recovery of systems and data must be as transparent as possible. In
addition, any sensitive corporate data that resides on these endpoints must be protected against
compromise or loss in the event that devices are misplaced or misused.
While collaborative sharing has great value, employees who need to share corporate files as a
means of collaborating with both internal and external stakeholders must be given the tools to do so
IDC 1401
2. in a secure manner. This needs to be done with security set by corporate IT while centralized policies
for sharing permissions, access controls, and the like can be pushed out to corporate users. Further,
these tools must be as easy to use as the consumer-grade solutions that are popular with end users.
IT needs to have visibility into sensitive corporate data that resides on endpoints (such as the ability
to conduct a federated search across all endpoints accessing corporate data) as well as visibility into
sharing activities within the firm or with external collaborators.
Trends in Secure Endpoint Data Management
It's no secret that enterprise employees are becoming increasingly mobile. An IDC study states that
the world mobile worker population will reach 1.3 billion by 2015. The growth of smartphones and
tablets has been phenomenal because these devices provide access to a stunning array of new
applications. Mobile workers are increasingly dependent on their mobile devices to enhance
productivity, improve efficiency, and engage in better collaboration. With smart devices, the consumer
market, not the enterprise, is dictating the pace of new technology innovation. Employees now carry
personal devices that are more sophisticated and user-friendly than those provided by their
employers. Recognizing this reality, many IT departments are looking at ways to allow employees to
have a greater say about the technologies they use in the workplace.
Smartphones and tablet computers used by employees generally fall into two categories:
Corporate liable: Devices are purchased, owned, and managed by the organization and
distributed to a select group of employees.
Individual liable: Employees own the device and pay for their own data plans but use the device
for business purposes and to connect to corporate applications.
A key trend in the enterprise is the rise of the individual-liable device. IDC predicts that individual-
liable devices will grow to 60% of all mobile devices used in business by 2014. However, this
scenario changes the way organizations need to think about security management and policy and
how organizations should manage these devices when connected to the enterprise network.
As complex as this picture is becoming, the BYOD phenomenon offers significant benefits for
businesses in terms of lowering cost, increasing agility, and driving employee productivity and
flexibility. Tablet computing also is a part of this picture. Tablets are transforming enterprise mobility
as a result of their strong user interfaces (UIs) and increased content capabilities. In fact, 52% of
firms have already provisioned tablet PCs to some of their employees. As these trends continue, a
three-device play is emerging involving laptops, smartphones, and tablets, all of which are likely to
remain in the enterprise for the foreseeable future. As the use of mobile devices becomes pervasive
in the enterprise, there will be an increased need to ensure the integrity and safety of company
information by establishing workable policies and procedures.
Another key trend in the consumerization of IT relates to the expanded use of consumer-grade Web
applications, procured by the business user individually but used for work-related functions. These
applications typically include file sharing, sync, and collaboration capabilities. While this trend
enhances collaborative capability, as is the case with BYOD, many enterprises are losing centralized
control over corporate data in terms of visibility, security, and data protection.
Third-party consumer-grade solutions have created an untenable situation and multiple security holes
for today's enterprises. Regaining control of corporate assets, especially those that consist of
proprietary data, is quickly becoming a major concern for IT organizations. Enterprise IT managers have
long been charged with protecting data from loss or theft, but using backup and data loss prevention
(DLP) technologies as individual elements provides only a cross section of the protection capabilities
needed. Further, many companies have not employed any DLP tools for endpoint devices.
2 ©2012 IDC
3. In general, critical data is being jeopardized by the fact that it is often not being backed up on
endpoint devices such as laptops and smartphones. Employees often keep important corporate data
on these devices but rarely take the actions necessary to back it up. In addition, in many enterprises,
there is no backup solution in place for laptop data. IT needs to ensure that all these endpoint devices
are being regularly and consistently backed up by providing solutions that are easy to use and
unobtrusive and, as such, do not compromise the end-user experience. As a result of these key
trends, IT management is now faced with some major challenges and is struggling to control endpoint
data from both technological and policy perspectives.
The Benefits of a Unified Approach to Endpoint Data Management
Still emerging unified approaches to endpoint data management can address many of the challenges
that IT departments now face with respect to controlling and securing consumer-driven applications and
devices. In today's environment, to ensure security, DLP, mobile device management (MDM), and
backup for mobile devices, enterprises are required to deploy as many as four or five different solutions.
A unified approach centralizes these functions for IT, which serves to reduce costs and training time
required as well as increase control and compliance. In addition, end users benefit from increased
productivity through the use of a single client (less time for learning, higher rates of adoption and
usage). Solutions that offer common deduplication across backup and file sharing systems have the
potential to deliver significant savings in storage and bandwidth.
IDC research indicates that the BYOD trend driven by the consumerization of IT will continue.
IT departments need to recognize and accommodate this reality. They can do this by finding ways to
accommodate end users' needs while providing optimized and secure data management. Unified
endpoint data management can prevent data loss with respect to remote BYOD devices such as
smartphones and tablets by providing both backup capabilities and remote file management for
security purposes.
File sharing and collaboration is another key area that can benefit from unified data management. This
capability endows users with the ability to create peer-to-peer file sharing, allowing locally stored files
and folders to be easily yet securely shared. A file sharing system can also allow users to share files
with external parties by granting them temporary access to files with links that automatically expire.
Approaches that allow end users to easily file share and collaborate can achieve the win/win of both
increasing productivity for end users and meeting IT's requirements for optimized data management. A
single client experience across all endpoint data empowers end users. These capabilities, when applied
to secure data management, can translate into hard cost savings in five areas:
End-user productivity benefits
IT productivity benefits
Prevention of data loss events
Savings in storage and bandwidth
Increased IT control and visibility
Considering Druva for Unified Endpoint Data Management
Druva is a start-up company with offices in the United States, India, and the United Kingdom
specializing in enterprise endpoint data management. The company currently has over 1,400
customers. The company's core product offering is inSync, an enterprise solution that offers a full
suite of endpoint protection capabilities, including backup, secure file sharing and collaboration, DLP,
and analytics.
©2012 IDC 3
4. Using this product, organizations can back up endpoints — including laptops, smartphones, and
tablets — to a single server (on-premise or cloud), which can also be securely accessed from any
mobile device or browser. inSync also provides integrated DLP with advanced data encryption for
data residing on endpoints. Additional DLP security features include inSync geotracking and remote
data delete. In addition, inSync offers secure file sharing across endpoints as well as rich analytics
that provides IT with visibility and ediscovery enablement tools.
inSync offers flexible deployment options for small businesses and enterprises. Customers can
choose between an on-premise deployment and a cloud deployment based on their business needs
and preferences. inSync Cloud is offered as software as a service (SaaS) and is both SAS 70 and
ISAE 3000 certified.
To simplify IT policy management, IT organizations can set up profiles for multiple users in defined
groups. Administrators can then associate these profiles — including specific policies, permissions,
and operational settings that apply across backup, DLP, and file sharing — with groups of users. End
users can be enabled to modify settings and have control over some key features, such as when to
initiate or pause backup.
inSync's global, client-side deduplication technology is application aware and saves only a single
copy of files across backup and file sharing. By understanding the disk structure of commonly used
file formats, inSync performs deduplication at the object level, ensuring complete duplicate reduction
for Microsoft Outlook, Office documents, and PDFs. Server-side HyperCache technology reduces
disk I/O significantly and allows inSync's deduplication to scale to thousands of users. SSD
optimization further improves backup throughput. Common deduplication across backup and file
sharing provides storage and bandwidth savings. inSync can back up a complete image of a system,
and the capability to limit the backup to only essential system settings will soon be available.
inSync's WAN optimization engine queries the available network for noise and latency and then
chooses the optimal packet size for data transfer and spawns multiple threads on the same network
socket to best use available bandwidth. When a backup is interrupted, inSync ensures that the
backup is automatically resumed when a network connection is available. Backup processes are
nonintrusive to end users with carefully controlled and adjustable amounts of bandwidth and CPU
resources. The administrator controls the amount of bandwidth used by specifying the bandwidth to
be consumed by backups. The product is designed to work well in wide-area networks.
inSync has the capability to back up smartphones and tablets based on BYOD default policies that have
been set by the IT department. A major recent enhancement is inSync Share, which integrates
advanced file sharing and collaboration functionality with backup and DLP capabilities. This module
gives enterprise administrators control of important endpoint data, without hindering the end user's
ability to collaborate and share with colleagues, customers, and other authorized parties. inSync Share
integrates with an end user's device of choice and works on multiple client device platforms, including
Microsoft Windows, Mac, Linux, iOS (iPhones and iPads), and Android. IT gains visibility into sharing
activities across the organization, which it does not have when consumer-based freeware is used.
Advanced file sharing capabilities can be centrally managed by IT administrators via a unified Web
console that provides policies to preserve security. This ensures that proprietary data is not
accidentally exposed to nonauthorized individuals. Policies can be created to address how users can
share files. Advanced reporting offers support for file auditing as well as user activity reporting, a
critical capability in compliance-oriented environments.
Security features include data security and access control. For cloud environments, they also include
network security and third-party audits of policies and procedures. Encryption in transit and in store
secures data end to end. If a mobile device is misplaced, IT administrators can track it with an
accuracy of 10 meters and remotely wipe data from it. inSync comes with advanced data analytics
4 ©2012 IDC
5. that gives IT a tool to analyze and identify usage trends, conduct federated searches across all
endpoints in the enterprise, and set up real-time alerts to proactively counter potential issues. With
this capability, users can:
Analyze composition of files across all endpoints to understand current and future trends
Filter, process, and search for files or folders across all endpoints
Generate advanced reports providing detailed information on users, devices, files, restore points,
date modified, and size
Challenges
Druva's value proposition is multifunctional in nature and is enhanced through Druva's unification of
capabilities that span discrete functions. Because the company is leading the charge to combine
different IT functions that straddle the areas of data protection, security, storage, and collaboration, it
needs to make sure that its capabilities are well understood by each IT department function and in
the aggregate at the CIO level.
Conclusion
The consumerization of IT creates a range of challenges for IT departments. This trend subsumes the
BYOD phenomenon that involves a proliferation of employee-owned endpoints such as laptops,
smartphones, and tablets that are used to access critical corporate data. It also brings into the
enterprise increased use of consumer-grade file sharing applications that reside outside the full
control of IT administrators. In addition, enterprises without endpoint backup solutions jeopardize
critical data that resides on their endpoint devices.
There is a strong and growing need for solutions to address the previously mentioned challenges.
These solutions should ideally both enhance employee productivity and deliver increased IT control,
visibility, and compliance. inSync is designed to address these challenges by providing a
nonintrusive, automated backup, easy file sharing and collaboration, anytime data access from any
mobile device, one-click restores, and a single client experience across all of these functions. The
objective is to deliver IT benefits by increased data security and control, IT visibility into sharing
activities, prevention of critical data loss, and unified policy management across all applications.
Druva's ultimate goal is to create an environment where endpoint data is fully managed yet freely
accessible. To the extent that Druva can address the challenges described in this document, IDC
believes that the company is strongly positioned for success in the emerging endpoint data protection
and collaboration market.
A B O U T T H I S P U B L I C A T I O N
This publication was produced by IDC Go-to-Market Services. The opinion, analysis, and research results presented herein
are drawn from more detailed research and analysis independently conducted and published by IDC, unless specific vendor
sponsorship is noted. IDC Go-to-Market Services makes IDC content available in a wide range of formats for distribution by
various companies. A license to distribute IDC content does not imply endorsement of or opinion about the licensee.
C O P Y R I G H T A N D R E S T R I C T I O N S
Any IDC information or reference to IDC that is to be used in advertising, press releases, or promotional materials requires
prior written approval from IDC. For permission requests, contact the GMS information line at 508-988-7610 or gms@idc.com.
Translation and/or localization of this document requires an additional license from IDC.
For more information on IDC, visit www.idc.com. For more information on IDC GMS, visit www.idc.com/gms.
Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com
©2012 IDC 5