In today's world, enterprise data isn't in the enterprise. It's created with a camera, Google Docs, or Evernote. I mean think about Evernote from an employee's perspective. Every thought goes straight into Evernote, and the user picks and chooses what they "export" to IT. It's no longer about data leakage. Now you're praying for data ingestion. You're hoping and praying people CHOOSE to put data into the enterprise, because they have all the incentive not to!
The preceding paragraph is a paraphrased quote from David Stafford's breakout session at BriForum 2013 London called What Got Us Here Won't Get Us There: Today's IT Needs to Get with the Times. Now that TechTarget runs BriForum I actually have time to attend sessions, and David's session was one of my favorites as he looked at what we can do as IT professionals to stay relevant to our users and our organizations in this consumerization-powered world.
Getting back to the point of this article, it is interesting that the model has been completely flipped. In the "old days" (what, five years ago), when it came to file and data storage, we in IT totally owned everything. We could use tools like DLP and DRM to ensure that "our data" stayed within the bounds of "our systems."
But what a different story in 2013! Sure, we can still use DLP and DRM to lock down and protect the "institutionally-generated" data. (Reports from financial systems, etc.) But when it comes to individual files and documents, there's absolutely nothing stopping a user from jotting down or creating their content on their devices and saving them to their preferred cloud service. And in fact most of the software providers and SaaS vendors are making it easier and easier for users to just "pop in" to their apps to jot down some thoughts while we in the IT world try to wrap more and more authentication and security around our "enterprise social" apps.
So David's point is right on. Five years ago we were worried about enterprise data leaking out of our enterprise systems and into the wild. But in today's world, much of that "enterprise" data isn't even in our enterprise systems to begin with, so rather than worrying about "data leakage," we're praying for "data ingestion." We're hoping that our users actually choose to share their enterprise data with us.
To that end, what have you found in your own organizations? How do you deal with this?
(Note: You must be logged in to post a comment.)
If you log in and nothing happens, delete your cookies from BrianMadden.com and try again. Sorry about that, but we had to make a one-time change to the cookie path when we migrated web servers.