I recently came across a post by Floyd Strimling at Zenoss titled 5 Cloud Predictions for 2012 – Private Clouds, PaaS, & Hypervisor Uptick. Prediction number 3 in particular got my attention:"You’ve been hearing a lot about BYOD (bring your own device) and employees using free cloud providers for services in the name of productivity outside of the purview of internal IT. In 2012, we will see a large Enterprise experience a breach because of these so-called productivity enhancing cloud applications. An innocent act by a group of users will set this movement back."
My employer is an SMB that takes advantage of both BYOD (bring your own device) and free cloud based services. The drivers in our case are agility and cost savings, though the order may vary based on who you speak with. The pace of business and resource constraints of the average SMB often preclude the following of proper risk analysis practices when it comes to security. Thus, having a real understanding of the ALE and ROI for implementing stronger security measure is lost.
The same is likely true in the enterprise where departments/teams often exhibit SMB behaviors in order to meet their goals. This practice brings us to the real opportunity raised by the prediction, defining and developing frameworks, software and/or services that can be quickly and cheaply plugged into the enterprise to more allow for a more secure adoption of mobile/cloud productivity services. Making the protection and integration seamless for the user will be key to adoption. A startup that can crack this nut will be in a great position for the next decade.
