Platt Perspective on Business and Technology

Navigating bring your own cloud as an emerging trend 1: identifying and thinking through the basic challenge

Posted in business and convergent technologies by Timothy Platt on November 6, 2013

I have been writing in this blog about the bring your own tech phenomenon, and cite my series: Navigating the Bring Your Own Tech Puzzle for a more general discussion of this emerging development (see Ubiquitous Computing and Communications – everywhere all the time, postings 141 and following for Parts 1-4.) But I decided to return to this general topic area to discuss a very specific side to bring your own tech: bring your own cloud, and how that impacts on businesses as a significant risk management complication.

The basic issues that arise here all revolve around the question of who owns business intelligence, where that means:

1. Data and processed knowledge that the business explicitly owns,
2. Data and knowledge that it does not explicitly own but that it as an organization has certain rights to and that it is responsible for, for managing security and control access, and
3. Work performed by employees and their work while in progress.

All three of these information categories enter into this set of issues as all involve storable data.

1. This includes trade secrets and other business-owned proprietary information that employees might access and use in the course of their work, and that might end up in their own computer and/or telephony technology and in their own cloud storage while working with it.
2. This includes both personal and personally identifiable information that enters into business systems as coming from customers and others not of the business.
3. It also includes employee personal information. Businesses accumulate large amounts of sensitive and legally protected employee personal data that could be misused in enabling identity theft or in a wide range of other damaging ways. Human Resources may be an obvious department for most businesses for holding a large repository of this type of data and for all employees at their business up through and including the chief executive officer. But Payroll often holds just as much personal and confidential employee data with social security numbers and other official identifying information, home addresses and other contact information, precise numerical data as to salaries and benefits and taxes withheld and more. And employees working in other departments and services often hold and need to be able to use data from this trove of access-restricted personal information too, in the normal course of their work.
4. And this includes proprietary information that belongs to other businesses, that has been made available under licensing or other explicit legally defined terms, and with data access control and confidentially built into the contracts that control this sharing and that spell out permitted use.
5. And to round out this list, at least to a degree of completeness sufficient for this discussion, I add in the personal cloud storing of employees’ own hands-on work and work in progress. And this can mean copies of emails and text messages sent and received, documents and other files received from other employees for work use, documents and other information files that employees might develop for their own individual use as for example when planning their work, or that they would share with fellow employees or with the business per se, and business-related information in general that they might acquire and want ready access to.

Employees want to be able to access and use and work on the files and documents that they need for doing their jobs, and wherever they are, whenever they want to be able to do their work. And they want to be able to do this with their own IT and communications technology that they feel most comfortable using, and certainly when their Where and When means working away from their place of employment and away from the standard equipment provided to them there.

Businesses want to and need to be able to control the data and knowledge that they own and that they are responsible for.

This sets up the fundamental conflict that I begin discussing in this posting, and it is one that is only going to become more and more pressing as more and more digital data is stored online and in the cloud and by essentially everyone.

My goal for this posting was to at least briefly outline this challenge and what it represents. I will add a follow-up posting to this in a few days where I will at least begin to outline a possible resolution to this challenge. And I note here in anticipation of that, that an effective resolution to this cannot simply come as a blanket refusal to allow any and all bring your own tech, and it cannot come from simply disallowing cloud storage per se. Meanwhile, you can find this and related postings and series at Ubiquitous Computing and Communications – everywhere all the time 2 and also see my first Ubiquitous Computing and Communications directory page.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: