Bring Your Own Cloud

“Bring Your Own Device” (BYOD) has been popular for quite some time now. It is driven mainly by workers desire to use their own devices like phones, tablets, laptops etc. This practice has got its own benefits like flexibility, round the clock access to data, higher productivity and lesser dependency on central IT Hub. But, BOYD can easily cause disruptions to IT compliances and IT processes of an organization.

A new trends has emerged on the lines of BOYD called “Bring Your Own Cloud” or BYOC, which allows workers to utilize public or private third-party cloud services to complete their job tasks.

What is “Bring Your Own Cloud”?

In BYOC, workgroups or individual employees of the organization uses low cost, fast and efficient public or private third-party cloud services to get the work done. An organization might encourage its employees to use public or third-party cloud services in order to reduce capital and operational costs related to IT. This is prevalent in large organization that can’t spare resources or people to keep with changes in IT.

What are the advantages of BYOC?

  1. Less utilization of the organization’s resources.
  2. Less expensive
  3. Faster and efficient
  4. Agile and easy access

What are the disadvantages of BYOC?

BYOC is also referred to as “shadow IT” due its pervasiveness. The implications of BYOC are as follows:

1) Lack or loss of overall control: The organization doesn’t know who’s using what, and so, it has no control on the data access, its management and resource planning.

2) Inconsistency of System: With disparate systems in use, inconsistencies creeps into the IT environment.

3) Increase Risk of Data loss: with the use of third-party cloud services there is always a threat of data loss.

4) Greater risk of errors: This is due to non IT-professionals managing the infrastructure.

What are the controls or best practices for BYOC?

To mitigate the possible risks, the following could be consider as best practices or controls to be incorporated in the organization’s IT process.

1) The employees should be encouraged to use a single cloud storage for any work related activity and no personal data should be stored in that particular storage.

2) Use version-control sign-out process to ensure that multiple copies don’t exist and there is a record of everyone who has a personal copy.

3) Programs like word processor, spreadsheet, presentation-programs etc. should be standardized on a file format which is widely supported, and employees should be encouraged to only use the prescribed format.

4) Detailed BYOD policies wrapped up with BYOC policies should be adopted by the organizations.

5) Collaboration should be supported by sharing access to an organization-controlled cloud storage service and apps having same source.

Conclusion:

For today’s organizations it is wiser to accept that employees will rely on the tools they know best, and to accommodate employee choices and apply governance practices that offer an adequate level of protection.

 

 RAHUL KUMAR
MBA (IT) 4th SEM