Guide to Enterprise File Sync and Share (EFSS) – Part 4: Challenges
Enterprise cloud adoption is steadily on the rise, as more and more organizations recognize its inherent value to business. Its ability to free up IT resources, cut costs, improve data access, and increase efficiency, versatility, flexibility and economies of scale has ensured that the cloud computing bandwagon continues to gain wide acceptance in the enterprise segment. It’s no longer a question of whether or not the cloud is the right strategy, but how best to leverage the cloud’s abundance of resources.
It’s quite clear that cloud adoption has the potential to elevate business; however, its benefits are limited by various challenges and inconsistencies. Despite a growing trend in enterprise-wide cloud adoption, several organizations are facing major challenges as they move beyond trials and experiments into more advanced enterprise file sync and share solutions (EFSS). Enterprise IT has valid concerns around issues like migration and integration, cultural resistance, loss of control, performance, reliability, data governance, and security. Finding a cloud partner with the necessary market stability, experience and capabilities is also a challenge.
Security is always a top a concern when adopting an enterprise file sharing and synchronization solution. Since corporate data is no longer in-house and is being shared via a network; the threat of unauthorized access, alteration or deletion of data is quite real. However, security concerns can typically be addressed via the implementation of a solid enterprise risk management strategy based on the detailed analysis of the concerns and issues raised by the organization. The security features offered by an EFSS vendor should also be carefully analyzed to ensure their feasibility.
Since enterprises share sensitive financial information, personal details and client records, maintaining the privacy of this data is a natural concern. The privacy issue is also fostered by an inherent tension that exists between EFSS vendors and their customers. If a third party is handling your corporate data, there is not guarantee that they have not seen it when maintaining the infrastructure. Some of the privacy concerns surrounding the adoption of an EFSS solution can be quelled by opting for an on-premise solution. Establishing policies is also important in maintaining data privacy.
With enterprise cloud adoption, the organization losses direct control of the infrastructure and IT environment; employees, including system admins, are relegated to interacting via the tools provided by the vendor. The scope of control is dictated by the service level agreements and terms of service put forth by the vendor. Digital rights management (DRM) can be used to provide sys admins with greater control over who can access corporate data, where and for how long. DRM basically controls how individual files behave upon distribution. EFSS platforms with robust digital rights management enables enterprise IT to keep data safe through policies that restrict file access based on IP range or geographical location.
Integrating cloud infrastructure with the current system is a major challenge enterprises have to address if they are to successfully leverage the full benefits of adopting an enterprise cloud. In a 2014 survey by InformationWeek, 56 percent of the respondents were of the opinion that integrating with existing IT products is the main hurdle to overcome when deploying a cloud model. This is especially true for hybrid cloud deployments, because all the applications running in the cloud have to be integrated with the file shares and apps running on premise. To lower this hurdle, private Cloud solutions such as FileCloud provide tools and capabilities to integrate with existing systems.
Since a universal set of interfaces and standards has not been established; the risk of vendor lock-in is real. However, incidences of vendor lock-in are likely to reduce as more vendors begin to adopt new technologies such as open APIs. Cases of poor integration are also likely to drop as open source platforms like OpenStack become more available and as vendors place more focus on open computing standards.
V. Compliance and Regulation
The decision to adopt an enterprise cloud raises multiple concerns and questions in regards to regulatory and jurisdictional control over the protection and privacy of sensitive data. This is why compliance regulations remain a consistent challenge facing the adoption of EFSS solutions. 66.7 percent of the respondents in a survey conducted by CipherCloud believed both auditing privacy and compliance were the main security challenges associated with cloud computing.
Compliance touches on multiple areas including government regulations like the European Union Data Protection Act, and industry regulations like HIPAA for health data and PCI DSS for payment cards. Trying to achieve the optimum level of compliance in the cloud can leave customers and vendors scratching their heads. A growing number of cloud vendors are trying to get a better hold on compliance requirements by basing their data centers in countries that are near their consumer base.
VI. Data Residency
While data residency may fall under the realm of compliance regulations, it poses a major challenge to enterprise file sharing and synchronization on its own. Data residency is particularly a huge challenge for multi-nationals that have offices all over the globe, covering multiple jurisdictions; this is mainly because it’s quite hard to satisfy regulatory requirements for keeping data within a country’s or region’s borders. Several countries including Canada, Australia, Switzerland and India have passed laws restricting organizations from storing data outside their physical country borders.
The European Union (EU) has enacted some of the strictest sets of data protection regulations in the world. The regulations not only affect Europe based organizations but any organization that deals with the Personal Identifiable Information (PII) of citizens in any of Europe’s 28 countries. This means any organization that holds PII has to conform to the EU Data Protection Directive. A report by Skyhigh revealed that 74.3 percent of vendors are yet to meet these strict stipulations. Tokenization and/or encryption can be used to address some of the data residency concerns.
A major challenge often faced by organizations when adopting the cloud is the lack of accuracy in IT cost allocation. Only 43 percent of the respondents in survey conducted by KPMG believed they were aware of the cost of the cloud in relation to existing IT services. Before setting out to establish a tenable enterprise case for the cloud, both the vendor and customer should first determine the true cost of the existing IT infrastructure as well as the fixed and variable costs of migration. Some organizations fail to break down their labor costs between infrastructure and applications. For the cost benefits of the cloud to be fully leveraged, providers have to work together with their clients and arrive at comparable figures.
Most enterprises assume that EFSS is a simple off-the-shelf solution that can easily be integrated into their current processes. They fail to realize that migrating to an enterprise cloud is a complex process that requires careful consideration. Introducing new technologies always carries a set of challenges; however, with the right strategy they can easily be overcome.
Click here to learn why FileCloud is the fastest growing Enterprise File Sync and Share (EFSS) solution!
Author: Gabriel Lando
image courtesy: ddpavumba, freedigitalphotos.net