At the individual or group level, providing the proper education in IT and network resources can help stymie the prevalence of rogue IT, and prevent your IT department from having to lock down the computing environment and throttle productivity. Educating users on the potential consequences of their rogue IT actions may give them a bit of pause before they attempt to circumvent standing policies — while also promoting a sense of shared ownership of the network.
For example, one of the most common rogue actions is users taking advantage of simple web-based storage to store files that they want to be able to access from multiple locations — a core tenet of information mobility. Dropbox, OneDrive, Box.net, and many others offer simple interfaces for most platforms, desktop and mobile, and allow any user with an Internet connection to access the files. The problems that this can create, however, are many.
While these
cloud storage services do make the files available to users wherever they like, they also have the potential to expose what may be proprietary business information to unauthorized users. Because each copy of the data only has the security settings the individual user has chosen to apply, there is no way to know exactly who has access to the data and who might have made it (often unintentionally) publicly available.
A proactive IT department could circumvent this issue completely by creating a business account on such a service. With an enterprise account, users have access to additional security and management functionality that many of these storage vendors don’t offer their basic users. Thus, the service is available to users who need it, but account access and control is back in the hands of IT, and not the individual users.
