There are many emerging trends and developments in the tech and business worlds that help make companies and their employees far more productive, mobile devices and widely available mobile internet coverage being one of the most obvious gains. With these comes a liberation of how and which devices can be used. In the early days companies set up strict rules defining in which conditions employees could use and configure their own computer. If new software was needed or a password changed, the administrator had to be called and deal with it. Computers and cell phones were provided and controlled by the employer and only to be used for business.
The freedom of BYOD
This created a large and unnecessary amount of work for IT departments and actually hindered efficiency in many situations especially when staff decided to work around the carefully devised rules so companies have started to open up their rules on IT. Trends like ‘bring your own devices’ (BYOD) and the ever increasing demands for availability to allow the user to keep their private cell phone for business and take the company’s laptop home for private use and to be available out of hours. With this comes the indirect freedom of installing software without an administrator. While this might increase productivity and availability and increase choice for users, it is the thin edge of the wedge!
Usability is key
If companies fail to provide the most trendy software and tools along with these newly gained freedoms it can quickly turn into a problem as employees are always looking for easier ways to get things done, and whilst aware of some of the risks they are unlikely to be as well informed as the professional IT teams setting the rules - and private choices of software reflect this. Technological advance and globalisation mean more collaboration tools are needed, exchanging larger amounts of data, and sending sensitive information back and forth around the globe in order to get things done more quickly. Many companies still use FTP or SFTP servers for file sharing and use of S/MIME and PGP to encrypt email for more security is widespread. These tools are already perceived as too difficult to use for many employees outside the IT department, let alone simple enough for their everyday ad hoc use with ever changing communication partners inside and outside the company. Worse collaboration partners don’t provide even simple tools because no one feels responsible for the risks or they are reluctant to spend money and effort on the best software.
Don't make them choose
Either way the result most of the time is the same; the employee still has the pressure to get things done and exchanging large amounts of data and sensitive information needs to be done whether there are tools in place or not. If the tool is too complicated or there are just nothing that fits the bill the user turns to the most simple solution to his problem using what they know to solve the problem. Exchange information quickly? Just send an e-mail with an attachment. Why bother to set up a complicated encryption method, or exchange certificates with people from all over the world, just to quickly send them the latest report and numbers? Need to send a large presentation, construction plan, or video to the customer, partner, or colleague today? The easy way, put it on a USB stick and send it right over or use that private cloud sharing account that everyone already has easy access to.
Don't loose data through Shadow-IT
As customers report and studies show, companies often lose data due to this behaviour and the use of Shadow-IT. E-mails can be intercepted, opened by the wrong people, or simply get lost. Files in public cloud storages, on USB sticks or FTP servers are either not secured, are time consuming and costly to send around (via curier for example) and difficult to keep track of (especially in the use of FTP). As a response to this companies should not let their staff resort to software and tools they know only from their private life but actively shape the working environment by offering the best solutions as standards.
Here some points a company should consider when choosing a software:
- Is it easy to access, install and use for everyone?
- Is it secure enough to meet the ever more stringent compliance standards?
- Can the user communicate with internal and external partners without them having to set up additional software or exchange certificates?
- Can all files, large and small and sensitive information be exchanged without problems?
- Does the solution integrate into familiar corporate working environment like MS-Outlook or IBM Notes for immediate access?