Huddle: Consumer cloud services causing 'security time-bomb' for enterprises

Huddle: Consumer cloud services causing 'security time-bomb' for enterprises

Summary: The enterprise world is sitting on a disaster waiting to explode, based on a new survey from the U.K. cloud company.


SAN FRANCISCO -- As more employees continue to access consumer cloud accounts at work (regardless of IT rules), the enterprise world is about to reach a breaking point, based on a new report.

Quite simply, U.K. cloud collaboration company Huddle described the trend as a "security time-bomb."

At least 38 percent of U.S. office workers are said to have admitted to storing work documents on personal cloud tools and services, while a whopping 91 percent of workers added they use personal devices (i.e. USB drives) to store and share sensitive company documents.

Huddle argued that this means enterprise and government organizations are at severe risk of losing both data intellectual property forever as this fragmentation continues.

The London-headquartered company published its first State of the Enterprise assessment report amid the official opening of its San Francisco offices on Thursday morning as Huddle branches out to attract a U.S. customer base.

"Legacy technologies create barriers to how we want to work," said Mitchell.

Huddle produces a team-based collaboration platform designed for large teams within enterprises storing content securely and individually. The idea behind Huddle is to replace personal USB drives and "dumb file storage" platforms with open-security models and folder-based content.

As the cloud-based storage and collaboration market grows, it looks like Huddle will be aiming to take on the likes of Box, Google Drive, Microsoft SkyDrive, and Dropbox, among others.

Huddle is framing itself as different in that it constructs a single network for working and collaborating beyond a firewall, removing VPN complexities with single, company-wide login.

Huddle CEO Alastair Mitchell described during an inaugural media presentation that its customers are replacing legacy technologies, calling out SharePoint and Outlook in particular as users move content collaboration out of email.

"Legacy technologies create barriers to how we want to work," said Mitchell. Pointing toward mobile workforce trends, Mitchell followed up that at least half of U.S. employees surveyed in the study want to be able to work from anywhere.

Here are some more highlights from the report:

  • Men are the worst offenders being that they are 30 percent more likely to use personal cloud storage at work than women.
  • By age, the worst demographic is the youngest generation in the workforce as 89 percent of employees between the ages of 18 and 24 use personal devices for work purposes.
  • Email is still the dominant collaboration tool as 65 percent of employees use attachments to share files outside the company. However, 31 percent lamented they are not able to send large files via email. Another 18 percent said they couldn't use email to get their work approved by co-workers.
  • Couriers still have a niche market as 15 percent said they still send hard-copy documents through in-person delivery.

"We're not alone in seeing that people want to make sense of all this influx," Mitchell remarked.

The Huddle co-founder predicted that the trend this year will be acknowledging the existence of BYOD ("bring your own device") and 2014 will be the turning point when enterprises (and their IT departments) will answer employee demands.

For reference, Huddle commissioned Ipsos MORI to conduct the study. The market research firm surveyed 2,000 U.S. office employees between the ages of 18 and 65 during the week of April 2, 2013.

Huddle plans to publish a follow up to its State of the Enterprise report series this September, with annual updates thereafter.

Image via Huddle

Topics: Cloud, Enterprise Software, Security, Storage, Enterprise 2.0

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Huddle: Consumer cloud services causing 'security time-bomb' for enterprise

    "they use personal devices (i.e. USB drives) to store and share sensitive company documents." sneaker-net is making a big comeback. byod + cloud is indeed a ticking security time-bomb and a big headache for net admins. i can't think of a way to mitigate risk but then again, the technology should move forward ... what a dilemma?
  • If companies insist on BYOD....

    then too bad for them. Have an Android phone? Plug your usb into your phone and computer and BANG! you've effectively got a usb drive.

    These executives are so worried about saving a buck right now that they don't see the HUGE financial implications of BYOD. Much bigger than the savings they will receive by having a BYOD policy.
  • As usual companies will follow the pack instead of leading it,

    Cloud file sharing has been around a while now, as have mobile devices, and yet companies are only just waking up to their implications. The consequence of this is that their focus is likely to be on restricting use rather than developing it. They also do not see the wider potential in that large concrete office blocks and employees working to fixed time and location patterns are a think of the past - I am not saying they will disappear overnight but companies should be thinking long and hard before commissioning new ones.

    We have to reduce pollution or die and one effective way of doing this is be eliminating much of the unnecessary travel we all engage in daily. Most businesses could operate far more efficiently with a mix of a small central office, localised hubs and homeworkers. To achieve this they will need effective and secure communications and storage devices. They will also need to learn to let go of physical control (did you work 8 hours or 5 today)and focus on output and production.

    Document sharing is key to life today and every company ought to have an easy to access but very secure online storage area for their employees to access. Many of them already have expensive tools that could deliver this (example Sharepoint) but they don't take the time to understand, properly build out and develop these.

    No industry can afford to be even 6 months behind their employees in understanding technology and yet most still have the "let's ask the IT department" - this department should not exist at all but instead be a very part of the fabric of the company and integrated in every job throughout the company. Those who have MD's that get their secretary to print out emails are the dinosaurs that will fall first. I know many senior execs who are still not confident enough to run or even take part in video meetings never mind sharing files. It is these people who will have the knee jerk reaction of restricting, rather than embracing, this technology.
  • Security depends on trust and policies.

    Companies can, and do, lock out all but the highest ranking executives and most senior IT techs from either using the USB ports or booting from other than the primary drive. Ultimately it is a matter of trusting the trustworthy, having them watch one another, and removing temptation from the rest. Employees who bring their own devices should not be allowed, much less encouraged, to do company work on company data with them, beyond getting non-specific emails from management to alter their schedules when away from the office (boss calls on Saturday to say come in to the office, OR log in on the COMPANY owned device, we have an emergency).

    Companies can, and should, issue SEPARATE devices, locked down by IT to allow no access to non-corporate email or cloud servers and no access to install apps, EVEN IF it duplicates the employees' own devices. In other words, BYOD is NOT a legitimate means of avoiding the cost of necessary and appropriate portable company-owned hardware; it can cost far more than it saves, leaves the company open to charges of violating employee privacy (since company IT people must handle, and install remote access apps for, devices with employee personal data) and employees open to charges of "leaking" company data (which may occur accidentally anyway; e.g. the first time an alarm goes off at home and the employee is in the bathroom and shouts to the spouse, "Would you get that for me please? The password is xxxxx.").

    It is best for employer and employee alike to keep personal and work data and devices separate. And it goes without saying that employees should not USE personal devices during working hours, except during breaks; or use COMPANY devices outside working hours except when working authorized overtime.
    • Mail and calendar

      I use my own phone for mail and calendar for both private and company matters. I think correctly managed this works great. I got a lock screen on my phone and both myself and the company got the power to wipe the phone. My personal mail, contacts, photos etc will not be lost if the phone is wiped, since they in the the Google cloud.
  • what world do you all live in?

    Good luck prying personal devices out of employee hands. The days of being able to impose control over your data are gone as well, get over it. You can, however, stack the deck in your favor:

    - implement new technologies quickly
    - get out of you employees way
    - draw a careful line in the sand about what data is truly sensitive
    - assume data is going to get leaked
    - treat violations and breeches seriously


    - spend a crapload of time, effort and $$$ living in the past