Corporate data is migrating to the cloud, driven by the widespread adoption of consumer cloud storage and increasing expectations for the convenience of those consumer systems in corporate environments. Meeting this demand is a challenge, as is securely sharing files across on-premises systems, clouds and mobile devices.
As you prepare to implement and manage cloud storage systems, make sure your file-sharing security policies are defined or at least in process. You should also understand criteria for evaluating and purchasing cloud-based or on-premises services, consider data-loss risks, and formulate a risk mitigation strategy.
Three options for sharing files in the cloud
Companies can often benefit from consumer cloud storage and file-sharing services. Employees can access content from any of their devices, and emailing attachments becomes less necessary. In addition, non-IT professionals sharing large files can avoid difficult-to-use File Transfer Protocol services.
There are, however, substantial downsides to consumer cloud storage services, such as a lack of centralized control and the inability to audit adequately. Fortunately, these disadvantages can be avoided, or at least minimized, using one of these three implementation models:
- Cloud-based services for the enterprise
- On-premises file-synchronization and file-sharing systems
- Hybrid on-premises and cloud systems
Cloud-based file systems not only offer similar functionality to consumer cloud storage services, but they also provide centralized management of access controls, device registration and auditing.
On-premises file-synchronization and file-sharing products allow organizations to keep files behind their firewalls on internal storage systems while providing users similar functionality to that found in consumer file-sharing services. This option may be particularly appealing to organizations with a substantial investment in storage systems or organizations that are not allowed to store files in the cloud for regulatory or security reasons.
The third alternative is a hybrid approach that combines cloud and on-premises storage. The hybrid approach works well for companies that can differentiate content that can be safely stored in the public cloud from content that must remain in-house.
Several implementation issues are common to all three file-sharing models, and on-premises and hybrid storage cloud systems bring unique concerns. Stay tuned for part two of this series, which covers the main security measures IT must have in place to help manage consumer cloud storage.