Striking a Balance Between Protecting Company Data and Serving End Users
The age-old clash between users and the IT department continues to rage as IT tries to put everything on lockdown, while users fight for the freedom to get the tools they need to do their jobs.In a matter of minutes, users can easily download new tools, apps and file-sharing services without thinking twice about the data security implications. And this has real implications for IT. For example, IT professionals estimate there are 10 to 50 cloud apps in use in their companies. But the truth is that users on average run more than 10 times as many cloud apps.This shadow IT is a huge nightmare, but when IT takes a “father-knows-best” approach, users are likely to see IT more as a hindrance than as a partner and continue seeking their own solutions.Although it is the IT department’s job to keep data secure and adhere to regulations, business owners need to help strike a balance between protecting data and serving end users. The more IT says no, the more end users stop listening.It’s time to ease the tension between IT and business users. Take these proactive steps to end this vicious cycle:
1. Offer choice
Not everyone works the same way. If IT only sanctions one tool and tries to block everything else, users are more likely to go around IT and find tools that fit with the different ways they work to be the most productive.
Instead of setting up a boxing ring for another round of users vs. IT, allow multiple mobile devices and third-party apps. This will help meet a wider range of user needs. By sanctioning enterprise-grade tools that are easy to use and can spur collaboration, employees can better manage their data and projects. At the same time, IT can have visibility over the tools that are being used, and this will ensure data doesn’t fall into the wrong hands.
2. Solicit feedback
Incorporating solutions that increase productivity while allowing IT to perform its due diligence takes an open dialogue. By embracing collaboration, both sides can be happy through a hybrid solution or a combination of tools.There are thousands of productivity, project management and collaboration tools out there, with more coming out every day. Employees might be drawn to popular tools that would cause compliance risks if used for sharing and accessing certain types of data. By enabling an open environment for submitting requests, IT can evaluate options sought by users and determine which are the most secure.
3. Establish policies
If policies are vague, employees will create their own interpretations. That’s not always in the best interests of the company and its intellectual property. Shadow IT isn’t always about battling IT; it’s also about lack of knowledge about what types of tools put business data at risk. By setting up clear policies, businesses can quickly get IT and end users on the same page. At the same time, IT must create flexible policies to ensure end users abide by them.“Bring your own device” is a common policy adopted by companies today. For example, users may be able to use the device of their choice, but they must only access business data from sanctioned solutions. By sending reminders and keeping the policy updated with shifts in technology or regulations, everyone in the company will fully understand how to abide by policies and not put data at risk.IT teams sometimes feel annoyed with users who don’t realize Java isn’t a cup of coffee, while users think they aren’t getting any help because IT is playing World of Warcraft. Bridge the divide by helping each side understand the other. Businesses need to provide an open environment for discussing and choosing solutions, with policies that outline these, to drive the entire organization toward success.*The original post appeared in The Business Journals.