Government // Enterprise Architecture
News
6/26/2012
12:24 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Dropbox Anxiety? WatchDox Tries To Ease CIO Fears

Investment firm Blackstone uses the cloud file-sharing platform to live the dream: WatchDox gives users BYOD freedom while putting control in IT's hands.

10 iPad Annoyances, Solved
10 iPad Annoyances, Solved
(click image for larger view and for slideshow)
It would be easier for CIOs to support a bring-your-own-device strategy if it weren't for all those pesky users. Give them an inch, they'll take a mile.

"There's this user expectation of access to all of your data on all of your devices," said Ryan Kalember, chief product officer at WatchDox, in an interview. "The hardest part of provisioning that access is the sensitivity of documents."

There's a treasure trove of readily available, easy-to-use tools for enabling access and collaboration among employees. But security concerns have led the likes of IBM to say no to some of those applications, such as Dropbox, on their networks. Kalember points to a basic reason why: Even platforms that invest heavily in enterprise-level security don't address a fundamental lack of control. If an employee can access a file securely but then email it to anyone, anywhere, IT no longer has any power over it.

"Even if you've managed to secure [files] moving from Point A to Point B, you really haven't done much unless you're actually controlling how they get used," Kalember said. "Everybody's got an email client, and everybody can easily attach a PDF and send it anywhere in the world--and you'd never know."

[ For an alternate view, read Why Security Isn't A BYOD Showstopper. ]

Kalember's a bit biased: WatchDox's raison d'etre is to put that control back in IT's hands so as to allow enterprises to harness the upsides of mobility, cloud, and various iterations of the BYOD trend. The company's WatchDox Sync platform allows enterprise users to access, modify, and share files across any devices, whether on the corporate network or not. IT, on the other hand, can track and control those files and everything that a user does with them. Administrators can revoke access at both the user and device level, even after a file has been downloaded to a personal iPad, laptop, or any other hardware. IT-issued rules can be automatically policed and enforced, too. In July, the company will expand WatchDox Sync to include shared workspaces for teams in addition to individual folders.

If it all sounds a bit Big Brother-ish, well, it is. That level of control and visibility lets IT pros sleep at night. But end users don't much seem to mind as long as they can use their iPads and other devices for work without much muss and fuss. Carrot, meet stick.

That's been the case at Blackstone, the multibillion-dollar investment firm. The company began testing WatchDox as a tool for handling sensitive investor communications. Much of that information is sent via PDF; Blackstone CIO Bill Murphy had grown uneasy with the lack of visibility into what became of that data once it traveled beyond the corporate perimeter. The implementation was a success and Blackstone decided to do a wider rollout of WatchDox for other internal and external use cases.

"It's caught on like wildfire," Murphy said in an interview. "We started in January with 50 users; we're already over 500." That's in spite of the fact that there's no IT mandate that employees must use WatchDox. "We haven't pushed it," Murphy said. Rather, Blackstone has positioned it internally as the best method of communicating securely with external parties and having access to work files from any device at any time. Murphy's more than a bit biased: After trialing the WatchDox platform, Blackstone didn't just sign on as a customer--it became an investor. Murphy said that was partly a byproduct of how popular the platform has become with Blackstone employees.

Murphy credits some of the viral adoption to ease of use. "Most security solutions come with a tax, which is either performance, usability, or a lot of times both," he said. "Everybody in a user community hates to see the security guy coming, because it means I'm not going to be able to do something that I would otherwise be able to do."

Enter the carrot and the stick: WatchDox has given Blackstone employees more freedom to do as they please in terms of devices and data. The firm previously had no uniform method of enabling--much less securing--anytime, anywhere access, particularly on mobile devices. Blackstone approves a limited form of BYOD; employees are welcome to use their own iOS devices, but Android and other platforms are a no-go. Like other organizations, the company had gotten by with a mix of applications provisioned "outside the corporate-approval chain," according to Murphy. Today, Blackstone prohibits Dropbox; employees can use Box.net if external parties choose to share files through that platform, but it doesn't provision its own accounts.

For Murphy, the WatchDox rollout has moved into that rarified air where both end users and IT get exactly what they want from a technology deployment. Employees get unfettered access--at least from their perspective--to all of their stuff, whether on their iPads, company-issued laptops, or any other devices. IT gets unfettered access, too--likewise defined by their perspective on that phrase.

"Everyone says they're secure, but it's certain levels of security," Murphy said. "Once you get into the audit and compliance folks, they love WatchDox because they know exactly what's happening with every document and have the ability to explode it after it's gone."

More than 900 IT and security professionals responded to InformationWeek’s 2012 Strategic Security Survey. Our results cover a variety of areas critical to information risk management, including cloud, mobility, and software development. Download the 2012 Strategic Security report now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MS95SC
50%
50%
MS95SC,
User Rank: Apprentice
7/10/2013 | 6:54:37 PM
re: Dropbox Anxiety? WatchDox Tries To Ease CIO Fears
Blackstone is an investor in WatchDox and only works with Word Docs on PC's. Unfortunately it doesn't work for our company as we need to collaborate with a lot of Mac users, use Google Docs and Office 2013.
rkalember940
50%
50%
rkalember940,
User Rank: Apprentice
7/10/2012 | 4:15:33 PM
re: Dropbox Anxiety? WatchDox Tries To Ease CIO Fears
I'm not sure it's a generational thing with USB drives - more of an iPad thing.
moarsauce123
50%
50%
moarsauce123,
User Rank: Ninja
6/29/2012 | 11:24:28 AM
re: Dropbox Anxiety? WatchDox Tries To Ease CIO Fears
Use a USB pen drive. They make them with rather large capacities these days and with proper encryption the documents should be safe. Additionally, the file access is faster and your company does not have to pay for the extra bandwidth used to retrieve these files.
Or is that too much yesterday and does not vibe with the Facebook generation?
PJS880
50%
50%
PJS880,
User Rank: Apprentice
6/26/2012 | 6:06:02 PM
re: Dropbox Anxiety? WatchDox Tries To Ease CIO Fears
Enterprises cannot afford to have potential security threats on their systems. Companies pay a ton of money and use time, resources, and employees to implement and even then some are not successful. I am referring to FoxMeyer back in the 90G«÷s going bankrupt trying to successfully implement an enterprise system into their business. It is not hard to see why companies with enterprise systems are very choosy on who they let play around in their system.

Dropbox is not allowed where I currently acquire my internet services from during the day. It is frustrating sometimes not being able to access my documents that I need when I need them. It has forced me to look for additional resources on the web to gain access. You have to remember that is the IT departmentG«÷s job, to keep data and the system safe from unwanted intrusion or potential threats. I am glad to read that Blackstone has found a way to implement successfully and given some alternative ideas for success.

Paul Sprague
InformationWeek Contributor
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government, May 2014
Protecting Critical Infrastructure: A New Approach NIST's cyber-security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work?
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.