Kurt Roemer, chief security strategist, Citrix
Kurt Roemer, chief security strategist, Citrix

For IT professionals, security has changed forever. Two of the most powerful trends in IT – cloud services and bring-your-own-device (BYOD) – threaten to reduce our control over computing. Enterprises have two choices: fight these trends through a ban that would restrict flexibility and productivity, or adapt IT thinking and update security architectures to reflect the new reality. The key is to give workers a sanctioned way to use cloud and BYOD resources while aligning enterprise security and architecture with the requirements of a more open environment.

Know your virtual supply chain

How can IT keep the enterprise secure and maintain confidentiality, integrity and availability when departments and individual workers can sign up for cloud services with their own credit cards? The first step is to know with who you're dealing.

By giving people an approved way to easily choose and purchase software-as-a-service (SaaS) applications, computing platforms and data center infrastructure, enterprises can cut down on unauthorized use. The average worker might not know the right questions to ask, but a built-in model of due diligence can minimize unacceptable risks.

Visibility is critical. A primary issue with the cloud is its reliance on multitenant computing architectures that directly impact administrator and tenant visibility. Tenants in a public cloud have no way of knowing what other customers share their servers, or if third parties are providing resources. The result? You may not even know who is administering various elements in the virtual supply chain – from compute to storage to applications and data.

The low barrier to entry, as well as the simplicity and scalability of cloud services, has introduced many hastily developed cloud implementations. The best providers will design their multitenant architecture to protect administrative, tenant and external services from each other, and prove compliance and privacy in clouds and other shared-ownership models. By choosing service options carefully, you can manage risk throughout the virtual supply chain.

Adapt to consumerization and BYOD

Corporate lockdown can limit creativity and keep employees from working productively. By loosening IT's stranglehold on technology, people are empowered to expand their work environment across devices and physical spaces to get more done. After decades of trying to keep non-standard consumer devices out of the enterprise, the trend today is to embrace practices that had been previously forbidden, which can, in fact, drive business.

Whether you adopt a formal BYOD policy or not, consumerization is an unavoidable force in today's organizations – in part because all levels, including the C-suite, are pushing for it.