What is company consumerization and what are the possible risks
Wednesday, February 18th, 2009The transformation of enterprise architecture and its opening to web 2.0 is a process that was spontaneously born, and for this reason it is inexorable.
Companies were not the ones which voluntarily decided to implement their structure with new technologies and languages. It were rather the single persons, the generational turnover of the empolyees that imposed it slowly but relentlessly.
Most of a company’s staff – particularly where the average age is lower than 35 – are already involved in activities of social networking even before being hired. It is thus normal for them to have the spontaneous desire to go on socializing on the net also in their offices, and it is from this phenomenon that the consumerization of companies in IT is born, that is, the introduction of the technologies used by consumers into companies.
If on one hand this new trend brings innovation to offices redesigning their communication, language and methods in an easier and fresher way, on the other hand it could be an important problem of security. Companies will thus have to encourage their workforce to use these tools, but they will also have to be able to address their employees and draw some rules so that internal security is respected without creating discontent.
As Rich Mogull - research vice president of Gartner – asserts, eliminating the use of consumer technologies is difficult and impractical, but “by taking security precautions and investing in foundational security technologies now, enterprises can prepare themselves for increasing use of consumer devices, services and networks with their organization, and manage these risks.”
So, IT managers must prepare the structure to include an architecture that is very different from the previous, containing all risks in the best possible way.
Be it the case of IM, of personal email accounts (such as Gmail, Hotmail, etc.), of blogs, of social networks or of 2.0 services in general, as we have already said and as Mogull himself points out, blocking accesses is surely not the solution. What companies should worry about is not the possible waste of time, but rather the risk that the internal network is “invaded” by external users and thus exposed to a danger. To prevent this risk, companies will have to be timely and anticipate their employees, setting a safe environment through, for example, the development of a VPN (Virtual Private Network) based on SSLs (Secure Sockets Layers) and the reduction of non-authorized external accesses to their internal network, considering also mobile devices.
Summing up, the more time passes, the less time companies will have to be ready and react to the new technologies: a further reason to act now.
