Embracing BYOD


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Embracing BYOD

  1. 1. I D C T E C H N O L O G Y S P O T L I G H TThe Benefits of Unified Endpoint DataManagement in Embracing BYODOctober 2012Adapted from Worldwide Storage in the Cloud 2011–2015 Forecast: The Expanding Role of Public CloudStorage Services by Laura DuBois, Richard Villars, and Brad Nisbet, IDC #232115Sponsored by DruvaThe "bring your own device" (BYOD) trend, which is part of the consumerization of IT phenomenon, ishaving a significant impact on enterprise organizations as end users access critical corporate data ontheir personal devices and increasingly use consumer-grade Web applications for work-related tasks.Critical data is being jeopardized because it is often not being backed up on endpoint devices suchas laptops and smartphones. As these trends continue, regaining control of corporate assets,especially those that consist of proprietary data, is becoming a major concern for IT organizations.IT needs to ensure that all these endpoint devices are being regularly and consistently backed up byproviding solutions that are easy to use and unobtrusive and, as such, do not compromise theend-user experience. Still emerging unified approaches to endpoint data management can addressmany of the challenges that IT departments now face with respect to controlling and securingconsumer-driven applications and devices. File sharing and collaboration is another key area that canbenefit from unified data management. This Technology Spotlight examines the role that Druvas coreproduct offering, inSync, plays in this emerging market.IntroductionThe BYOD trend, which is part of the consumerization of IT phenomenon, is having a significantimpact on enterprise organizations as end users access critical corporate data on their personaldevices and increasingly use consumer-grade Web applications for work-related tasks. Both trendscreate a range of challenges for IT departments, involving core issues such as data and devicesecurity, data and system-level protection and recovery, and centralized control and activation ofcorporate policies for how data on multiple devices is managed.The BYOD phenomenon involves the proliferation of employee-owned endpoints such as laptops,smartphones, and tablets. However, another important aspect of the consumerization of IT relates to theincreased use of cloud file sharing and sync services for collaborative purposes. As rich as theseresources can be, in many cases, workers access these consumer-grade Web applications and servicesin a way that puts them outside the full control of centralized corporate IT administrators and policies.These trends are generally making it difficult for IT to fulfill one of their most important responsibilities:keeping enterprise data secure. Given the profound impact these trends are having on IT resourcesin todays enterprises, a number of challenges have surfaced for IT managers. Critical corporate dataresiding on a wide variety of end-user devices must be securely protected in a simple-to-administer,nonintrusive manner. The recovery of systems and data must be as transparent as possible. Inaddition, any sensitive corporate data that resides on these endpoints must be protected againstcompromise or loss in the event that devices are misplaced or misused.While collaborative sharing has great value, employees who need to share corporate files as ameans of collaborating with both internal and external stakeholders must be given the tools to do soIDC 1401
  2. 2. in a secure manner. This needs to be done with security set by corporate IT while centralized policiesfor sharing permissions, access controls, and the like can be pushed out to corporate users. Further,these tools must be as easy to use as the consumer-grade solutions that are popular with end users.IT needs to have visibility into sensitive corporate data that resides on endpoints (such as the abilityto conduct a federated search across all endpoints accessing corporate data) as well as visibility intosharing activities within the firm or with external collaborators.Trends in Secure Endpoint Data ManagementIts no secret that enterprise employees are becoming increasingly mobile. An IDC study states thatthe world mobile worker population will reach 1.3 billion by 2015. The growth of smartphones andtablets has been phenomenal because these devices provide access to a stunning array of newapplications. Mobile workers are increasingly dependent on their mobile devices to enhanceproductivity, improve efficiency, and engage in better collaboration. With smart devices, the consumermarket, not the enterprise, is dictating the pace of new technology innovation. Employees now carrypersonal devices that are more sophisticated and user-friendly than those provided by theiremployers. Recognizing this reality, many IT departments are looking at ways to allow employees tohave a greater say about the technologies they use in the workplace.Smartphones and tablet computers used by employees generally fall into two categories: Corporate liable: Devices are purchased, owned, and managed by the organization and distributed to a select group of employees. Individual liable: Employees own the device and pay for their own data plans but use the device for business purposes and to connect to corporate applications.A key trend in the enterprise is the rise of the individual-liable device. IDC predicts that individual-liable devices will grow to 60% of all mobile devices used in business by 2014. However, thisscenario changes the way organizations need to think about security management and policy andhow organizations should manage these devices when connected to the enterprise network.As complex as this picture is becoming, the BYOD phenomenon offers significant benefits forbusinesses in terms of lowering cost, increasing agility, and driving employee productivity andflexibility. Tablet computing also is a part of this picture. Tablets are transforming enterprise mobilityas a result of their strong user interfaces (UIs) and increased content capabilities. In fact, 52% offirms have already provisioned tablet PCs to some of their employees. As these trends continue, athree-device play is emerging involving laptops, smartphones, and tablets, all of which are likely toremain in the enterprise for the foreseeable future. As the use of mobile devices becomes pervasivein the enterprise, there will be an increased need to ensure the integrity and safety of companyinformation by establishing workable policies and procedures.Another key trend in the consumerization of IT relates to the expanded use of consumer-grade Webapplications, procured by the business user individually but used for work-related functions. Theseapplications typically include file sharing, sync, and collaboration capabilities. While this trendenhances collaborative capability, as is the case with BYOD, many enterprises are losing centralizedcontrol over corporate data in terms of visibility, security, and data protection.Third-party consumer-grade solutions have created an untenable situation and multiple security holesfor todays enterprises. Regaining control of corporate assets, especially those that consist ofproprietary data, is quickly becoming a major concern for IT organizations. Enterprise IT managers havelong been charged with protecting data from loss or theft, but using backup and data loss prevention(DLP) technologies as individual elements provides only a cross section of the protection capabilitiesneeded. Further, many companies have not employed any DLP tools for endpoint devices. 2 ©2012 IDC
  3. 3. In general, critical data is being jeopardized by the fact that it is often not being backed up onendpoint devices such as laptops and smartphones. Employees often keep important corporate dataon these devices but rarely take the actions necessary to back it up. In addition, in many enterprises,there is no backup solution in place for laptop data. IT needs to ensure that all these endpoint devicesare being regularly and consistently backed up by providing solutions that are easy to use andunobtrusive and, as such, do not compromise the end-user experience. As a result of these keytrends, IT management is now faced with some major challenges and is struggling to control endpointdata from both technological and policy perspectives.The Benefits of a Unified Approach to Endpoint Data ManagementStill emerging unified approaches to endpoint data management can address many of the challengesthat IT departments now face with respect to controlling and securing consumer-driven applications anddevices. In todays environment, to ensure security, DLP, mobile device management (MDM), andbackup for mobile devices, enterprises are required to deploy as many as four or five different solutions.A unified approach centralizes these functions for IT, which serves to reduce costs and training timerequired as well as increase control and compliance. In addition, end users benefit from increasedproductivity through the use of a single client (less time for learning, higher rates of adoption andusage). Solutions that offer common deduplication across backup and file sharing systems have thepotential to deliver significant savings in storage and bandwidth.IDC research indicates that the BYOD trend driven by the consumerization of IT will continue.IT departments need to recognize and accommodate this reality. They can do this by finding ways toaccommodate end users needs while providing optimized and secure data management. Unifiedendpoint data management can prevent data loss with respect to remote BYOD devices such assmartphones and tablets by providing both backup capabilities and remote file management forsecurity purposes.File sharing and collaboration is another key area that can benefit from unified data management. Thiscapability endows users with the ability to create peer-to-peer file sharing, allowing locally stored filesand folders to be easily yet securely shared. A file sharing system can also allow users to share fileswith external parties by granting them temporary access to files with links that automatically expire.Approaches that allow end users to easily file share and collaborate can achieve the win/win of bothincreasing productivity for end users and meeting ITs requirements for optimized data management. Asingle client experience across all endpoint data empowers end users. These capabilities, when appliedto secure data management, can translate into hard cost savings in five areas: End-user productivity benefits IT productivity benefits Prevention of data loss events Savings in storage and bandwidth Increased IT control and visibilityConsidering Druva for Unified Endpoint Data ManagementDruva is a start-up company with offices in the United States, India, and the United Kingdomspecializing in enterprise endpoint data management. The company currently has over 1,400customers. The companys core product offering is inSync, an enterprise solution that offers a fullsuite of endpoint protection capabilities, including backup, secure file sharing and collaboration, DLP,and analytics.©2012 IDC 3
  4. 4. Using this product, organizations can back up endpoints — including laptops, smartphones, andtablets — to a single server (on-premise or cloud), which can also be securely accessed from anymobile device or browser. inSync also provides integrated DLP with advanced data encryption fordata residing on endpoints. Additional DLP security features include inSync geotracking and remotedata delete. In addition, inSync offers secure file sharing across endpoints as well as rich analyticsthat provides IT with visibility and ediscovery enablement tools.inSync offers flexible deployment options for small businesses and enterprises. Customers canchoose between an on-premise deployment and a cloud deployment based on their business needsand preferences. inSync Cloud is offered as software as a service (SaaS) and is both SAS 70 andISAE 3000 certified.To simplify IT policy management, IT organizations can set up profiles for multiple users in definedgroups. Administrators can then associate these profiles — including specific policies, permissions,and operational settings that apply across backup, DLP, and file sharing — with groups of users. Endusers can be enabled to modify settings and have control over some key features, such as when toinitiate or pause backup.inSyncs global, client-side deduplication technology is application aware and saves only a singlecopy of files across backup and file sharing. By understanding the disk structure of commonly usedfile formats, inSync performs deduplication at the object level, ensuring complete duplicate reductionfor Microsoft Outlook, Office documents, and PDFs. Server-side HyperCache technology reducesdisk I/O significantly and allows inSyncs deduplication to scale to thousands of users. SSDoptimization further improves backup throughput. Common deduplication across backup and filesharing provides storage and bandwidth savings. inSync can back up a complete image of a system,and the capability to limit the backup to only essential system settings will soon be available.inSyncs WAN optimization engine queries the available network for noise and latency and thenchooses the optimal packet size for data transfer and spawns multiple threads on the same networksocket to best use available bandwidth. When a backup is interrupted, inSync ensures that thebackup is automatically resumed when a network connection is available. Backup processes arenonintrusive to end users with carefully controlled and adjustable amounts of bandwidth and CPUresources. The administrator controls the amount of bandwidth used by specifying the bandwidth tobe consumed by backups. The product is designed to work well in wide-area networks.inSync has the capability to back up smartphones and tablets based on BYOD default policies that havebeen set by the IT department. A major recent enhancement is inSync Share, which integratesadvanced file sharing and collaboration functionality with backup and DLP capabilities. This modulegives enterprise administrators control of important endpoint data, without hindering the end usersability to collaborate and share with colleagues, customers, and other authorized parties. inSync Shareintegrates with an end users device of choice and works on multiple client device platforms, includingMicrosoft Windows, Mac, Linux, iOS (iPhones and iPads), and Android. IT gains visibility into sharingactivities across the organization, which it does not have when consumer-based freeware is used.Advanced file sharing capabilities can be centrally managed by IT administrators via a unified Webconsole that provides policies to preserve security. This ensures that proprietary data is notaccidentally exposed to nonauthorized individuals. Policies can be created to address how users canshare files. Advanced reporting offers support for file auditing as well as user activity reporting, acritical capability in compliance-oriented environments.Security features include data security and access control. For cloud environments, they also includenetwork security and third-party audits of policies and procedures. Encryption in transit and in storesecures data end to end. If a mobile device is misplaced, IT administrators can track it with anaccuracy of 10 meters and remotely wipe data from it. inSync comes with advanced data analytics 4 ©2012 IDC
  5. 5. that gives IT a tool to analyze and identify usage trends, conduct federated searches across allendpoints in the enterprise, and set up real-time alerts to proactively counter potential issues. Withthis capability, users can: Analyze composition of files across all endpoints to understand current and future trends Filter, process, and search for files or folders across all endpoints Generate advanced reports providing detailed information on users, devices, files, restore points, date modified, and sizeChallengesDruvas value proposition is multifunctional in nature and is enhanced through Druvas unification ofcapabilities that span discrete functions. Because the company is leading the charge to combinedifferent IT functions that straddle the areas of data protection, security, storage, and collaboration, itneeds to make sure that its capabilities are well understood by each IT department function and inthe aggregate at the CIO level.ConclusionThe consumerization of IT creates a range of challenges for IT departments. This trend subsumes theBYOD phenomenon that involves a proliferation of employee-owned endpoints such as laptops,smartphones, and tablets that are used to access critical corporate data. It also brings into theenterprise increased use of consumer-grade file sharing applications that reside outside the fullcontrol of IT administrators. In addition, enterprises without endpoint backup solutions jeopardizecritical data that resides on their endpoint devices.There is a strong and growing need for solutions to address the previously mentioned challenges.These solutions should ideally both enhance employee productivity and deliver increased IT control,visibility, and compliance. inSync is designed to address these challenges by providing anonintrusive, automated backup, easy file sharing and collaboration, anytime data access from anymobile device, one-click restores, and a single client experience across all of these functions. Theobjective is to deliver IT benefits by increased data security and control, IT visibility into sharingactivities, prevention of critical data loss, and unified policy management across all applications.Druvas ultimate goal is to create an environment where endpoint data is fully managed yet freelyaccessible. To the extent that Druva can address the challenges described in this document, IDCbelieves that the company is strongly positioned for success in the emerging endpoint data protectionand collaboration market.A B O U T T H I S P U B L I C A T I O NThis publication was produced by IDC Go-to-Market Services. The opinion, analysis, and research results presented hereinare drawn from more detailed research and analysis independently conducted and published by IDC, unless specific vendorsponsorship is noted. IDC Go-to-Market Services makes IDC content available in a wide range of formats for distribution byvarious companies. A license to distribute IDC content does not imply endorsement of or opinion about the licensee.C O P Y R I G H T A N D R E S T R I C T I O N SAny IDC information or reference to IDC that is to be used in advertising, press releases, or promotional materials requiresprior written approval from IDC. For permission requests, contact the GMS information line at 508-988-7610 or gms@idc.com.Translation and/or localization of this document requires an additional license from IDC.For more information on IDC, visit www.idc.com. For more information on IDC GMS, visit www.idc.com/gms.Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com©2012 IDC 5