Starting in 2008, “… relatively technical individuals no longer waited to ask for a budget to spend capital on a multi-thousand-dollar server, and then fight a lot of people for the use of that server. [Today], management doesn’t know about these cloud applications until a line item shows up in an expense report.” KEVIN GRUNEISEN, SENIOR DIRECTOR, CLOUD AND DATA CENTER SOLUTIONS LOGICALIS INC. performance, and close security gaps. Those interviewed agreed that resellers must justify reasserting control by taking a more con-sultative role. The first part of that process is discovering the BYOC choices clients may have already made, and what other choices exist. “[Channel pros and IT shops] need to be more curious,” says Eric Bisceglia, director of products at Woburn, Mass.-based LogMeIn Inc., which provides private cloud remote ac-cess, collaboration, customer care, and remote IT management. “They need to better under-stand the different cloud services out there. If they can save their clients hours of research, they can play a critical consultant role.” According to Piraino, “CIOs are saying, ‘Let us give you the best options here. Let us auto-mate the process of getting your business ap-plications or infrastructure quickly, rather than getting the sticker shock we were getting when we weren’t in control, when we weren’t in com-pliance from a security perspective, a privacy perspective, or a government perspective.’” Gruneisen’s company, Logicalis, conducts “cloud foundation workshops” with clients to define the pros, cons, and cautions of cloud before offering to design, manage, and/or host cloud solutions. And sometimes, the easiest and least expensive solution is the right one. “If the data being stored or referenced is not par-ticularly sensitive, and the application is only needed for a few weeks, then AWS may make more economic sense than server purchases,” notes Gruneisen. The VAR’s key role, he says, is helping clients build a strategy around the consumption of cloud services, with carefully chosen policies and management practices. REGAINING CONTROL VIA BLOCKING A December 2012 survey conducted by LogMeIn (see “How Big Is BYOC?”) reveals that store and sync apps like Dropbox wor-ry IT pros the most. Jerry Irvine, CIO of IT outsourcer Prescient Solutions in the Chi-cago area, notes fairly frequent reports of the popular file sharing app being hacked. Such apps can be blocked, of course, by traditional legacy protocol and application filters. “If I’m at work and I can’t get to one of these sites, then I’m not going to put my data there to use somewhere else,” says Irvine. He cites San Diego-based Websense Inc. as the best-seller in this field for SMBs, accepting categories of off-limits sites (like entertain-ment sites) or specific blacklists or white lists. Other brands in this category include Blue Coat Systems Inc., Sunnyvale, Calif.; Bar-racuda Networks Inc., Campbell, Calif.; and SonicWALL, owned by Dell, in San Jose, Calif. Then there are DLP (data loss prevention) apps, now being integrated into mobile ap-plication and device management solutions. These work outside the network perimeter, says Irvine, by “giving the organization the ability to tag and categorize information as confidential and proprietary, or automatically tagging data for users based on content or location on the network.” This data can be given different levels of access requirements, based on the data categorization, user, appli-cation, and types of devices that are allowed to access it, as well as the app using that data. Some will require multi-form-factor authentication to access, for example. Lev-els of access will be broken down too, speci-fying whether data can be copied, printed, changed, or merely viewed, and by whom. How Big Is BYOC? RESEARCH CONDUCTED in December 2012 by LogMeIn and Edge Strategies Inc. found that 70 percent of roughly 1,200 SMBs surveyed in the United States, Canada, the United Kingdom, Australia, and New Zealand are actively using employee-introduced cloud ap-plications. The companies also reported: Q 67 percent of SMB IT pros list data security as a key limitation of BYOC (aka bring your own apps, or BYOA). Q 43 percent cite a lack of control/management as a limiting factor. Other factors in-clude lack of integration with corporate systems and apps and regulatory compliance. Q 77 percent say they are concerned or very concerned about security risks, in particular with cloud sync and storage apps. But most find that the benefits outweigh the risks: Q 47 percent of SMB IT pros agree that BYOA could provide increased flexibility, while 37 percent say BYOA could help reveal gaps in the business’s application arsenal. Q 26 percent of SMBs manage these apps through an honor system, 21 percent block the sites of undesired apps, while 23 percent don’t manage BYOA at all. NETWORK MONITORING Network monitoring and management tools, which give IT views into application usage, present a less heavy-handed way of enforc-ing cloud policy. Some of these present real-time user activity on both cloud and in-house applications under one aggregated portal. Increasingly, these windows are offered as managed or unmanaged services themselves, and have multilayered reseller scenarios. The PathView Cloud service from Boston-based startup AppNeta is one example; the actual packet information is picked up on the network by a PathView microappliance at each workplace site. This book-size device can be drop-shipped to end users at remote and home offices for DIY installation. PathView Cloud also can monitor apps on mobile devices, through iOS clients installed via the App Store (and 16 MAY 2013 The Insider’s Guide to SMB
ChannelPro May 2013: Page 16
