Dropbox and CIOs: Five Steps to Life-long friendship

We read an article recently in The Verge talking about Dropbox’s fragility in the enterprise. The author pointed to the addition of a spate of consumer features and questioned whether Dropbox’s heart is even in enterprise software.

Here’s our view: Enterprises’ hearts aren’t in enterprise software! On-premises software suites have become slowly dismantled over the past decade as lines of business and individual workers have eschewed onerous, slow-moving software “projects” for the immediate value and agility that the public cloud brings.

This is why we see 755 cloud apps per enterprise. And we’re not talking Candy Crush and Instagram either. Wholesale business functions are running their operations in the public cloud. Take HR. The average enterprise has not 5, not 10, but 41 HR apps running. That includes employee onboarding, talent management, benefits, payroll, compensation analysis, 360 reviews, education, compliance, and more. And that’s just HR. Look at the other lines of business and it’s the same story. If this were 1980, we’d say cloud killed the software star!

So what does this have to do with Dropbox? Well, Dropbox has stayed true to the “build what people love” ideal, and that is the exact reason people and businesses use it instead of what IT has provisioned for them in the past. Netskope cloud data reveal that Dropbox has always been in the top 5 most-used Cloud Storage apps and, in our most recent aggregated dataset for the Netskope Cloud Report, uploads to Dropbox clock in as the second highest for the category.

Rather than reject Dropbox, many forward-thinking CIOs have embraced the app, adopting Dropbox for Business in record numbers. They can finally give users what they want and feel good about it, forming the basis for a long-lasting “friendship.”

Here are five ways Dropbox and CIOs can foster this friendship:

1. CIOs can justify standardizing on Dropbox. Dropbox has an enterprise-readiness rating of “high” in the Netskope Cloud Confidence Index, an objective yardstick adapted from the Cloud Security Alliance. It’s a strong fit for businesses because it more than satisfies their use cases for enterprise file sync and share, business workflows, and collaboration, all while supporting compliance regimens. (e.g., SOC-3, SAS-70/SSAE-16, ISO27001, PCI, and more), security (AES-256 encryption of data-at-rest, granular authorizations, etc.), and business continuity requirements (with all of the right backup and disaster recovery capabilities you’d expect).
2. CIOs can ensure shared responsibility across the enterprise. How Dropbox is used in enterprises is a shared responsibility between IT and the business. IT can govern how users interact with Dropbox, what data they put there, and how they protect those data. For those use cases, Dropbox enterprise security partners TITUS and Netskope play an important role. TITUS, the data classification authority, ensures data going to the cloud are properly classified, and Netskope, the leading cloud access security broker, enforces policies on those classified data.
3. CIOs can drive consumption. Once IT decides to standardize on a tool, how can they be sure people will flock to it? Dropbox’s popularity gives them wind at their back, but they still need to pull people into the corporate-sanctioned Dropbox for Business. Fortunately, they can do this by separating personal and corporate instances of Dropbox and using automated user coaching to alert users to their corporate instance of Dropbox, in which they can enforce their security and compliance policies. This has the added benefit of answering the question of how they’ll protect users’ privacy – they can monitor and enforce strict policies over the corporate instance while leaving personal ones alone or only preventing upload of business data that are classified as “confidential” or “internal” without doing any other monitoring.
4. CIOs can govern access. CIOs can decide what kind of access they want to provide to people, whether by group or organizational unit, device type (e.g., mobile versus laptop or iOS vs. Android), device classification (e.g., BYOD versus managed), location (e.g., for any user outside of Germany our outside of a network location), and other contextual factors including data classification.
5. CIOs can protect sensitive data. This is the coup de grace, while users are looking for workflow efficiencies from the adoption of Dropbox, the CIO needs to ensure their IP and other sensitive data – the organization’s crown jewels – are protected. With TITUS classifying data and Netskope enforcing policies like “no share,” “encrypt,” or “quarantine,” IT can take comfort that people get the tool they want while the organization can still keep sensitive data secure.

Following this five-step plan will help CIOs empower the business with the wildly popular Dropbox share and sync app that makes it easier and more fun for people to get their jobs done, while still remaining firmly in the driver’s seat when it comes to governing usage and protecting data.