Have you heard about “Consumerization” in IT? I’m sure you had a chance to read about this trend. If not, navigate to the following Wikipedia link. The idea, in a nutshell, is related to a growing usage of the application and devices originally available in the consumer space in enterprise and/or business.
Consumerization is a stable neologism that describes the trend for new information technology to emerge first in the consumer market and then spread into business organizations, resulting in the convergence of the IT and consumer electronics industries, and a shift in IT innovation from large businesses to the home. For example, many people now find that their home based IT equipment and services are both more capable and less expensive than what is provided in their workplace. The term, consumerization, was first popularized by Douglas Neal and John Taylor of CSC‘s Leading Edge Forum in 2001 and is one of the key drivers of the Web 2.0 and Enterprise 2.0 movements.
There are quite many examples in this space. The simplest one is usage of private smart phones in business. It was significant 1-2 years ago when enterprises hesitated to move towards Apple’s iPhones and restricted employees to use alternative Windows Phones or Blackberries. Another example is usage of multiple Apps coming from app stores by people. Collaboration software is another example. How many times you used Google Apps or gmail because the similar service provided by IT in your organization wasn’t available?
I’ve been reading Trend Microconsumerization Report 2011 on the plane yesterday and found some interesting numbers there. Navigiate your browser to the following link to read more.
So, what happens in PLM? Can we find ourselves using consumer application in engineering and manufacturing or the domain is too specific to be exposed into consumer application? Here is my take. I don’t believe, there is a real risk to replace CAD, CAE and other specialized application. However, there are two segments of applications that can be heavy involved and impacted by consumer applications: communication and collaboration. Email, data sharing, social networking and communication (video conference utilities, etc.). It made me think about the potential of risks and aspects companies can be exposed as a result of such a “consumerization”.
In my view, a single element of exposure can happen because of employees using non-IT approved applications. It is DATA. It made me think about the potential showstoppers. I can select three and I want to speak about them separately.
1. Data Ownership.
As a result of consumer application usage, data can easily migrate or been originated outside of organizational facilities. It can cause losing control of IT organization and cause risks in losing IP related to the core company activities. The accounts in consumer applications can be compromised, and data ownership cannot be claimed. It is very hard (even impossible) to get data back from outside services and/or locations.
2. Data Security
I have really mixed feeling about this topic. Even if I truly believe, in many situations iT uses the topic of security as “a red herring”, the security risks are indeed existed if employees are using consumer services. Consumer service security capabilities are not standing aligned with enterprise requirements and sometime consumer web apps provided by small companies that really doesn’t care about security so much. As a result of that, information located outside of organization can be accessed or access can be compromised.
3. Data Compliancy
If data is located in your X:\ drive or Google Apps account, it is work related and most compliancy rules needs to apply. SOX, FRCP, GLBA. All elements and requirements needs to be in place. Not sure Instagram or Foursquare software are actually aware about how to meet regulatory (requirements) in that situation. It is a really good question that needs to be asked before you placing company data in these applications.
What is my conclusion? Where consumer apps provide a great deal of usability, flexibility and cost-efficiency, companies need to be concerned about DATA, employees shares outside. Email, collaboration, conference file-sharing services – all needs to be concerned as a potential service exposes data in your organization. To work with software vendors that actually thinking about how to provide cloud (and other) services without breaching your data and increase company risks needs to be a priority for many IT organizations.
Just my thoughts..