Problem solve Get help with specific problems with your technologies, process and projects.

IT needs to keep up with workers who use desktop cloud backup

While enterprise IT wants users to back up their data, you should review desktop cloud services to make sure they're efficient, compatible and secure.

How are the cloud backup services for your enterprise workstations working out? What, you don't use cloud backup services? That may be how IT operates, but odds are your users are taking advantage of desktop cloud backup and syncing services offered by Mozy, Carbonite, iCloud and SkyDrive. You can't afford to be out of the loop about this.

The whole workstation backup situation is quite difficult, even downright perplexing. In most of my information security assessments, I find that users have no reasonable means to back up their desktops or laptops. It's usually one of four things:

  1. Users (or IT or management) assume that there's nothing of value on their workstations.
  2. They have no backup software or place to back up data, such as to a network drive or external hard drive.
  3. Workers have backup software that requires them to be connected to the enterprise LAN, but they're rarely in the office, and backups never happen.
  4. They have desktop backup software that's supposedly doing something, but they have no idea if their critical work and personal data are being protected.

Ignorance is bliss for many, but for those who have been burned, there's a reasonable understanding of the importance of consistent desktop backups. But what do users do if IT doesn't provide them a solution? They do it themselves. Thanks to marketing hype from talk show hosts and an inundation of ads, users are moving their data -- and your business's data -- to the cloud, whether you like it or not.

This cloud backup craze is a side effect of the bring your device (BYOD) trend. Simply put, users have put personal data on their fancy new discount desktops, laptops and tablets they don't want to lose. These devices also house files, databases and emails containing intellectual property and personally identifiable information that businesses can't afford to lose.

Cloud-based backup services are relatively mature, and there's a reasonable level of trust and security if the data is truly encrypted and protected with a strong passphrase. Independent data center audits and penetration testing of the Web front end are an extra plus that I always look for.

The problem is that users are calling the shots, making life more difficult for those in IT responsible for managing desktop backups. Regardless of how hard it may be, it's still a business problem that needs IT attention.

More on desktop backup and endpoint management

Don't overlook these desktop backup tasks

Microsoft Office 2013: What we know about the suite so far

What are the limitations of cloud backups?

FAQ on securing and managing endpoints

Rather than leaving it to users to decide if, when and how their workstations are backed up to the cloud, it's up to you to help establish some standards and policies that everyone knows about and abides by.

It's not going to be 100% foolproof, but if you give users some desktop backup options, you can streamline the process, minimize headaches, and mostly reduce the security and regulatory compliance risks to business systems and data.

Here's what you can do. Determine the most reasonable technologies for backing up to the cloud. Consumer-grade cloud backup services and "drives in the cloud" will likely work. Just consider vendor reputation and the need to ensure the pillars of confidentiality, integrity and availability. If your organization is large enough or you have a lot to lose, you may also want to consider some of the more complicated cloud security concerns.

Also, consider whether you want to back up entire workstation drives or simply all business and personal files. The last thing you want to do is have your desktop cloud backup service constantly clobber your Internet connection.

Finally, you've got to keep an eye out on things. Like so many other security functions -- such as patch management and audit logging -- desktop backups are often seen as a set-it-and-forget-it task. Don't fall into this trap. Stay informed, keep users informed and check in with them regularly.

Users are going to do whatever they want to do on enterprise networks, especially if they're using their own computers with full admin rights. Use the cloud to your advantage. Just remember the tried and true principle of "trust but verify." Nip workstation backups in the bud today and be done with this headache and business risk once and for all.

This was last published in February 2013



Find more PRO+ content and other member only offers, here.

Essential Guide

Enterprise endpoint and mobile security management wait for no one

Join the conversation


Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

If it were my choice, I'd require 3 things before allowing employees to store business data in the Cloud: 1) Files have to be encrypted before being "copied" or synced to cloud storage; 2) The connection between devices and cloud storage would have to be encrypted; 3) Authentication between client devices and cloud provider must be two-factor.
The article is right about users syncing personal and business data to cloud backup services. However this statement is incorrect: "there's a reasonable level of trust and security if the data is truly encrypted and protected with a strong passphrase". Strong passwords only makes it a bit more difficult to hack your account. The data on the cloud service providers may be encrypted by the provider but they can decrypt it too. Terms of Use and/or Privacy policy of cloud backup providers clearly state they will access the data if needed to provide the service or if mandated by law.

The only secure way to continue to use cloud back up services without compromising the data is to encrypt it before it is backed up to the cloud. Private keys to decrypt the files should remain with the user. For best user experience, the files should be decrypted when the user opens them locally, just as if the file was not encrypted. This essentially requires the application on your laptop/tablet to tie current user to the right identity so the private keys to decrypt the files can be retrieved.