Investment firm Blackstone uses the cloud file-sharing platform to live the dream: WatchDox gives users BYOD freedom while putting control in IT's hands.
10 iPad Annoyances, Solved
(click image for larger view and for slideshow)
It would be easier for CIOs to support a bring-your-own-device strategy if it weren't for all those pesky users. Give them an inch, they'll take a mile.
"There's this user expectation of access to all of your data on all of your devices," said Ryan Kalember, chief product officer at WatchDox, in an interview. "The hardest part of provisioning that access is the sensitivity of documents."
There's a treasure trove of readily available, easy-to-use tools for enabling access and collaboration among employees. But security concerns have led the likes of IBM to say no to some of those applications, such as Dropbox, on their networks. Kalember points to a basic reason why: Even platforms that invest heavily in enterprise-level security don't address a fundamental lack of control. If an employee can access a file securely but then email it to anyone, anywhere, IT no longer has any power over it.
"Even if you've managed to secure [files] moving from Point A to Point B, you really haven't done much unless you're actually controlling how they get used," Kalember said. "Everybody's got an email client, and everybody can easily attach a PDF and send it anywhere in the world--and you'd never know."
Kalember's a bit biased: WatchDox's raison d'etre is to put that control back in IT's hands so as to allow enterprises to harness the upsides of mobility, cloud, and various iterations of the BYOD trend. The company's WatchDox Sync platform allows enterprise users to access, modify, and share files across any devices, whether on the corporate network or not. IT, on the other hand, can track and control those files and everything that a user does with them. Administrators can revoke access at both the user and device level, even after a file has been downloaded to a personal iPad, laptop, or any other hardware. IT-issued rules can be automatically policed and enforced, too. In July, the company will expand WatchDox Sync to include shared workspaces for teams in addition to individual folders.
If it all sounds a bit Big Brother-ish, well, it is. That level of control and visibility lets IT pros sleep at night. But end users don't much seem to mind as long as they can use their iPads and other devices for work without much muss and fuss. Carrot, meet stick.
That's been the case at Blackstone, the multibillion-dollar investment firm. The company began testing WatchDox as a tool for handling sensitive investor communications. Much of that information is sent via PDF; Blackstone CIO Bill Murphy had grown uneasy with the lack of visibility into what became of that data once it traveled beyond the corporate perimeter. The implementation was a success and Blackstone decided to do a wider rollout of WatchDox for other internal and external use cases.
"It's caught on like wildfire," Murphy said in an interview. "We started in January with 50 users; we're already over 500." That's in spite of the fact that there's no IT mandate that employees must use WatchDox. "We haven't pushed it," Murphy said. Rather, Blackstone has positioned it internally as the best method of communicating securely with external parties and having access to work files from any device at any time. Murphy's more than a bit biased: After trialing the WatchDox platform, Blackstone didn't just sign on as a customer--it became an investor. Murphy said that was partly a byproduct of how popular the platform has become with Blackstone employees.
Murphy credits some of the viral adoption to ease of use. "Most security solutions come with a tax, which is either performance, usability, or a lot of times both," he said. "Everybody in a user community hates to see the security guy coming, because it means I'm not going to be able to do something that I would otherwise be able to do."
Enter the carrot and the stick: WatchDox has given Blackstone employees more freedom to do as they please in terms of devices and data. The firm previously had no uniform method of enabling--much less securing--anytime, anywhere access, particularly on mobile devices. Blackstone approves a limited form of BYOD; employees are welcome to use their own iOS devices, but Android and other platforms are a no-go. Like other organizations, the company had gotten by with a mix of applications provisioned "outside the corporate-approval chain," according to Murphy. Today, Blackstone prohibits Dropbox; employees can use Box.net if external parties choose to share files through that platform, but it doesn't provision its own accounts.
For Murphy, the WatchDox rollout has moved into that rarified air where both end users and IT get exactly what they want from a technology deployment. Employees get unfettered access--at least from their perspective--to all of their stuff, whether on their iPads, company-issued laptops, or any other devices. IT gets unfettered access, too--likewise defined by their perspective on that phrase.
"Everyone says they're secure, but it's certain levels of security," Murphy said. "Once you get into the audit and compliance folks, they love WatchDox because they know exactly what's happening with every document and have the ability to explode it after it's gone."
More than 900 IT and security professionals responded to InformationWeek’s 2012 Strategic Security Survey. Our results cover a variety of areas critical to information risk management, including cloud, mobility, and software development. Download the 2012 Strategic Security report now. (Free registration required.)
InformationWeek Tech Digest August 03, 2015The networking industry agrees that software-defined networking is the way of the future. So where are all the deployments? We take a look at where SDN is being deployed and what's getting in the way of deployments.