The two-edged sword of hosted storage (Bring Your Own File Share?)
While consumer-accessible, hosted storage is nothing new, it was in the wilderness a number of years before reaching the mainstream. Early offerings from the likes of now-defunct X:Drive seemed great in principle, offering 5Gb in storage which (back in 2006) sounded like all anyone would ever need. But for one fatal flaw - the bandwidth simply wasn't there. Neither homes nor mobile devices had sufficiently fast throughput capabilities for online storage to be usable.
Half a dozen years later, we can see a very different picture. The consumerisation phenomenon is in full swing, with employees preferring to use their own mobile phones, access online applications that they choose, and indeed make use of hosted storage now that the bandwidth barriers to entry have been removed.
While consumerisation is a frequent topic of discussion however, it is normally discussed in terms of devices and apps, rather than storage. Not only could this mean that organisations are missing a trick when it comes to understanding changing employee behaviours or benefiting from upsides such as increased availability (if, say, a laptop hard drive crashes). However, it could also leave them exposed to a number of risks.
The most fundamental of these is confidentiality. Online storage is essentially another entry point into the corporate network, another place that information and content can be maintained. As such it is innocuous enough, however it can be difficult to control where that information ends up. For example, if online storage is synchronised to a home computer, can the organisation be confident that it is protected to the same level as corporate kit? Probably not.
This idea extends to shared spaces between teams and indeed, between companies. Contractors and associates may be given access to an online folder for a project, the presence of which can significantly help productivity and collaboration. Without the correct checks in place, the same associates may continue to have access long after the end of the project. By the nature of contracts, it would not be unexpected for them to end up working for the competition - does an organisation really want to give them continued access to internal documents?
Perhaps they would not abuse this situation, but it is best not to leave things to chance - particularly given that not all business relationships end well. An ex-employee with a grudge might choose to 'spike' a hosted file area with malware, for example. Even if not through malice, room for stupidity remains as people fail to install adequate anti-virus protection on their own machines. Should a virus have a tendency to spread, hosted storage directories become easy targets.
It's important not to throw the baby out with the bath water, of course. Used sensibly, organisations can benefit from such facilities without leaving themselves exposed to the downsides. All organisations should at least acknowledge the risks of this facet of consumerisation however: let's not make ignorance the biggest hosted storage risk of all.