Back in March I wrote about BYOD (iPhones, Android phones, iPads, etc) in the Enterprise, but another worry IT management needs to address is BYOC – as in, bring your own cloud (storage).
Yesterday I covered seven popular cloud storage solutions. Between those seven solutions I have almost 100GB of storage. If I was an employee on your network what could I walk out with on 100GB of storage? I just did a quick unscientific scan of my documents folder and I had many MS Word docs of 100KB or less with very few Word doc files over 1MB. So assuming worse case and use 1MB as the average Word doc file size, that means I can walk out with over 100,000 documents! Talk about a wikileaks waiting to happen! Do you have digital rights management on your sensitive documents? Are you monitoring your network traffic for uploads to these cloud storage solutions?
But it doesn’t have to be malicious. With BYOD and the popularity of telecommuting the risk of sensitive data ending up on a consumer grade cloud solution is pretty high. Do your Executives have iPads? Is it possible your CFO could be working on his quarterly report on his iPad while traveling? And does he have sync’ing to iCloud turned on? Do you have a Sarbanes–Oxley Act (SOX) issue to deal with now? Depending on your industry, you could have other regulations to deal with, such as HIPAA or PCI, FFIEC, GLB, etc.
So, just like with BYOD, if you don’t have policies and procedures in place already you are behind… BYOC is in your enterprise already.