Upload
1105-media
View
217
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Â
Citation preview
SPONSORED CONTENT
The military and civilian students who attend the U.S. Army
War College are used to having their hands full at the beginning
of each academic year – literally.
“Over the course of our 10-month program where people
get Master’s of strategic studies, we issue a stack of printed
books — printed PDFs and other types of reading materials,”
explains Col. Steve Sobotta, director of educational technology
at the U.S. Army War College. “That stack might be two-to
two-and-a-half feet tall when placed on top of each other. Not
only is that a heavy load to carry for the student, but it’s also
a heavy financial burden for the College to print those books
for each of the 400 students
who attend our school.”
The other issue the
College faced: It was
difficult to provide access
to materials online since
students had to be located
within the physical institution
to log on to the classified
network. About a year ago
the War College piloted a
program using Box that gives
all of its students the ability to access those printed materials
from any mobile device or Web browser. Today students
are able to go online to read their coursework, including
copyrighted texts. But even more important, they can discuss
those texts, highlight them electronically, and merge them with
other types of media including audio and text files.
Thinking Outside the BoxWith its efforts, the U.S. Army War College, like many federal
organizations, is fulfilling the Cloud First policy mandate, which
directs organizations to prioritize the use of of cloud computing
offerings to reduce costs, among other things. It’s also
moving to facilitate collaboration, something that is becoming
increasingly important within enterprises as well as public
organizations and agencies.
There is research to back this up. For instance, McKinsey
Global Institute’s July 2012 report, The Social Economy:
Unlocking Value and Productivity through Social Technologies,
found that there is significant impact for those businesses
that allow employees to interact with each other as well as
customers, partners, and prospects. According to the report,
the average worker spends about 28 percent of his or her
workweek dealing with emails, and another 20 percent of their
time looking for information or colleagues who can help them
do their jobs.
Indeed, until now, most collaboration has been done via
email, but that model is no longer sustainable or smart, says
Laurence Hart, CTO at AIIM, a non-profit industry association
providing education, research, and best practices to help
organizations find, control, and optimize their information.
“E-mail is inherently
insecure,” says Hart. “If you
are sending an email you
don’t know who receives
it, if it has been forwarded,
or what happens to your
information once it leaves
your organization. There’s
also no version control.”
Improving communication
and collaboration could
raise the productivity
of “interaction workers” by between 20 and 25 percent,
according to the McKinsey Global Institute report. Box’s
vision – simple, open, and secure content collaboration – is a
panacea for those looking for ways to do this. It certainly helps
people like Col. Sobotta and countless other agency heads
who are experiencing the need for constant communication
and information sharing first hand but can’t find the technology
to make it happen.
“Across the board, there’s a need to be able to collaborate
and share much more effectively, and right now the technology
out there impedes our ability to make that happen,” agrees
Aaron Levie, the CEO and co-founder of Box. “When you have
technology that doesn’t support collaboration, and when you
have information systems that are really meant to lock down
data and knowledge, it’s very, very hard to be able to have
people share information as quickly and easily as possible.”
A Perfect Storm? Cloud, Mobility and Information Sharing for the Federal Government
SPONSORED CONTENT
Addressing the Government’s requirement to better share and collaborate – securely from any device, anywhere.
SPONSORED CONTENT
Cost is also an issue since the federal
budget crisis is affecting every agency
out there, according to Alex Rossino,
principal research analyst at Deltek’s
Federal Industry Analysis arm. “Agencies
are looking for any way that they can cut
budget, and cloud is just a logical way to
do that,” he says.
Content in the Cloud
Box allows people to more easily share
content because everything — including
multiple types of documents, images,
Flash, presentations, video and audio
files, PDFs, HTML pages, Javascript
files — is stored within the cloud.
The service’s underlying design provides enterprise-class
collaboration, security, and compliance with the ease-of-use
and simple integration of a software-as-a-service offering.
The simplicity is key because, up until now, one of the
main things that have thwarted collaboration within the federal
government and other public agencies has been complexity,
says Rossino. Files must be stored and archived in a specific
manner and with high levels of security and replication, as
spelled out by a variety of reporting and compliance mandates.
In addition, even those agencies that
can handle security and compliance have
infrastructure that is stove-piped. It’s
nearly impossible for them to even fathom
re-architecting their existing content
infrastructure to allow content sharing
across departments much less agencies.
“Most people today are just emailing
[files] or using a SharePoint repository –
whatever they have on hand. The idea is
to cut through the knot, and the only way
to really do that is to go whole hog into
the cloud,” Says Rossino.
When this happens, decision-making
becomes less fragmented and better
since information can be assembled into
a single repository and everyone with the correct permissions
can access it, comment on it, and use it to guide innovation,
discussion, and strategy.
This is certainly true in the case of the U.S. Army War
College. Box richly enhances the educational process within
the school, says Col. Sobotta. “Deep discussions have started.
Instead of going a mile wide and an inch deep we can go a
mile deep and an inch wide,” he says. “Plus, students and
faculty can do so 24/7 wherever they happen to be.” •
SPONSORED CONTENT
Box services address three main
trends that are driving the way IT
and business gets done today.
1) Sync and share: Consumers
and business users are already
used to Microsoft’s SkyDrive™,
Apple’s iCloud, and Dropbox™’s
service. Box takes this paradigm
farther by making access device-
and OS-agnostic and coupling it
with the security and compliance
that the public sector and some
enterprises require.
2) Enterprise-level content indexing
and access: Data is only as good
as how quickly it can be found.
With Box, all files are indexed,
tagged with metadata, and stored.
Data and files can be searched by
keyword and attribute, and there
is high-level annotation, structure,
and taxonomy available. In addition,
version control becomes easier as
documents and files are checked
in and out. The best part: Access
remains in the hands of IT, which
sets and grants access based on
user, department, and any number
of other parameters.
3) Mobile access and tracking: Data
can be shared in its native form
on any device or platform, but
controls are still in place. IT can see
who opened, shared, downloaded,
uploaded, or deleted a file. In
addition, since the Box platform is
built on open APIs, users can create
apps to help manage their data and
use it to its fullest extent.
The result is a platform that’s ready
to alter the way business gets done.
“We’re still figuring out what it means
in terms of the way it’s going to
change how government, healthcare,
and other security-sensitive verticals
do business, but the ability to pull up
data that you want and instantly get
it in front of you and others who are
working with you is incredibly game
changing,” says Aaron Levie, the
CEO and co-founder of Box.
The Three Faces of Box
SPONSORED CONTENTSPONSORED CONTENT
Two of the main cloud concerns that most public and private sector users have voiced are related to security and compliance — can you have both when you’re dealing with the public cloud? Box employees live and breathe security, constantly striving to
create a better cloud ecosystem for Box’s customers and the
industry as a whole, says Justin Somaini, the company’s chief
trust officer. There’s good reason
behind this focus.
Cloud-based services are
exploding in the public and private
sectors, but there’s a struggle
going on in IT, according to a
December Gartner special report,
Gartner Predicts 2013. The U.S.
federal government is in the thick
of it, according to Gartner, thanks
to Cloud First and The Federal Risk
and Authorization Management
Program (FedRAMP). CIOs and
their organizations are looking
to encourage and support the
expansion of cloud computing, but
at the same time make sure that
the appropriate security is in place.
Only companies that understand this
struggle – and the reasons behind it
– can be part of the solution. Somaini
says Box is one of them.
Better Than Your Data Center
This requires a very basic yet significant focus on back-end
security features well as what happens during information
transport and delivery. It also includes not only a willingness to
have an exchange of ideas but a desire to work with partners
and customers to advance cloud security as a whole, says
Somaini.
Indeed, security is often the first thing that many CIOs and
CISOs bring up when they sit down with a cloud provider.
“There’s a natural fear from leveraging past services,”
explains Somaini. “The impression is that cloud services
are not secure or, more importantly, less secure than their
enterprise is today.”
This couldn’t be further from the truth, he says. Most cloud
providers are able to offer security levels that are on par if not
more stringent than what can be found in the enterprise.
Corporate America recognizes this. A May 2013 cloud
security study commissioned through IDG Connect found that
companies have become increasingly comfortable with the
security of third-party cloud service providers.
According to the study, 51 percent of IT executives surveyed
believe that the cloud increases
data security overall, while 59
percent of respondents were very
confident in their ability to control
and manage access from mobile
devices to cloud services. Several
federal CIOs agreed during an April
18 panel discussion. “Trust on the
government side is increasing as
we see it work,” explained Chuck
Riddle, CIO of the Government
Printing Office during the event.
The Secret Security SauceAt Box, customers such as the
Government Services Administration
(GSA) are seeing it work because
it gives end users instant access
to critical information in a secure
fashion. GSA files — like all files that
are stored on Box — are encrypted
while they sit on Box servers, and
only those GSA users who have the
right authentication credentials can access and decrypt files.
From a rights management perspective, control lies solely
in the hands of the administrator, who controls all the account
settings and access for GSA users.
Everything from password strength and resets to the number
of failed logins allowed to session duration is customizable. In
addition, the administrator can set permission as to what users
can do once they access files. They can allow – or disallow – a
user to download, edit, or share a document, and can require
file-level password protection for confidential or high security
documents or assets. Those rights can be set to expire, too,
so contractors or employees have time-limited access to files
or instant access when they need it.
Cloud Security: It’s Not Ethereal
SPONSORED CONTENTxx
“Box gives us the perfect combination of being able to
transport information really easily, but then restricting selected
information very tightly,” explains Bob Armstrong, program
analyst at GSA.
Many of Box’s security controls are behind the scenes,
starting with the development of new code and features, says
Somaini. Everyone who works at Box — from the software
developers to the quality assurance staff — is taught to bring a
security mind-set into everything they do.
“There’s no better tool
that you can have than an
educated developer who
goes through a process from
the very beginning, who
learns how to code safely
and securely while providing
those rich features that
customers are looking for,”
Somaini says.
Box’s management
supports this security
mindset with weekly
meetings where they discuss
at length numerous security
issues, such as the current
industry situation with
advanced persistent threats
and attacks, as well as customer and partner concerns. In
addition, developers and other key staffers go through rigorous
training and certifications. They are also given access to the
many industry groups, partners, and security experts who have
been recruited to assist and collaborate with Box on cloud
security issues. The Box teams are also doing outreach on a
daily basis with partners
“All of the processes incorporate security at such a deep
level, such an expeditious level, that we’re able not only meet
the feature functionalities we need to, but we do it with an
extreme scrutiny to identify faults, issues and security concerns
so our customers don’t have to worry,” says Somaini.
Compliance and the Cloud: A Pair Made in Heaven
Security is only half of the equation, though. Compliance
with government mandated regulations is crucial for most
government and public organizations.
To that end, there are Box features that help IT more easily
meet compliance requirements. For instance, Box gives IT
the ability to access deep forensic information about who
has accessed data, where they accessed it from, and what
changes were made to the data once it was touched.
“You’re going to get a lot of information right there on the
admin console,” explains Crispen Maung, the company’s
senior director of compliance. “You’ll see a report that lists all
the users who logged in, the IP addresses they originate from,
and the date and time of their access.”
Another unique benefit that Box brings to its customers is a
willingness to sit down and
discuss business-specific
security and compliance
requirements and provide
advice about both, explains
Maung. “We want to talk
through all the different
requirements and their
interpretation of requirements
so we can help guide them
through to help them make
their systems and their use
of our systems compliant,”
he explains.
For instance, Box is
focused on making sure the
service is compliant with
the ISO 27001 standard
under Annex A, which means that it has taken a wide variety
of security and compliance issues into account, including
asset management, human resources security, access control,
information systems acquisition, security incident management,
business continuity, and regulatory compliance. “Internally,
security and compliance are huge components of our
company’s DNA,” agrees Somaini.
Finally, since one company cannot do it all, Box has created
partnerships with best-in-breed companies such as cloud
identity management company Ping Identity, mobile security
and management firm MobileIron, analytics provider Good
Data, and security control and analytics provider docTrackr.
“Whenever we are unable to execute or are possibly not
the best ones to be creating a security feature that customers
want we can turn to our partners, who are laser-focused on
these areas so that our customers get the peace of mind they
need,” says Somaini.
And when that happens, when customers have the peace of
mind and confidence in cloud security and access, everything
falls into place. •
SPONSORED CONTENT
In the age of bring-your-own-device, users want to do more than just see their content. They want to collaborate, too. Mobile devices and customized apps are making that happen for Box users. The days of the one employee/one computer paradigm
are over. Today, employees work using a variety of devices
and applications – and many are designed and released by
companies that people have never heard of. This creates
a conundrum for IT: CIOs and CISOs must decide which
applications and providers meet their users’ needs, while still
meeting the security and compliance levels that are required by
their organizations.
“The entire mobile app ecosystem
is completely fragmented,” agrees
Chris Yeh, senior vice president
of platforms at Box. “And IT often
chooses to ignore it completely due
to the fact that even when there are
mobile apps out there, there’s a lack
of confidence in them.”
The result: There are still many
agencies out there stuck using
on-premises applications, which only
work when users are in their offices
or tethered to secure networks. The
Box OneCloud ecosystem is designed to solve all of these
problems, giving agencies and organizations a way to improve
productivity and accelerate their missions.
The Box Mobile ConnectionBox OneCloud is an ecosystem of mobile apps that integrate
with Box’s core features. Using OneCloud, IT can provide users
more than 500 apps that can be used to interact with the
various file types and content that can be stored, accessed,
downloaded, and shared using Box.
In many cases, says Yeh, this also provides a way for users
to interact with workflows in their organizations even when they
are on the road or in the field. “This is something that most Box
users need to get a handle on. Box isn’t just www.box.com and
a set of mobile applications, but a platform that can start to tie
into the mission systems and provide true collaboration between
people who are on the road and in the office.”
Box’s staff is constantly working with app developers,
selecting and evaluating the most popular productivity apps in
the market and helping to integrate them securely with the Box
platform. In addition, Box works with application developers
and their clients to create custom apps that are designed
around specific missions and needs.
These apps, which are branded around the customer, make
workflow easier and more seamless, says Aaron Levie, Box’s
CEO. “What’s exciting about these apps, especially the custom
ones, is that a specific workflow or a specific set of documents
could be put out there and the employee in the field only gets
to see those documents that apply
directly to him or her.”
These apps often end up in an
agency’s or organization’s own
private app store, says Yeh, providing
another layer of security. “You’ve got
CIOs or CISO’s saying, ‘Yeah, I’m
going to build this app and it’s going
to have special requirements that are
unique to me, and I’m going to host
it privately, and I’m still going to take
advantage of all of the power of the
Box platform to enable it.’”
These users can create specific
paths within those apps that streamline use on-premises, too.
So, for instance, someone who was visiting an agency for a
day can be given a mobile device that – when Box and the
app is launched – takes them directly to the view and content
that they are supposed to see. The process is simplified even
further by Box customer success managers, who are available
to answer questions, handle issues, and advise organizations
on the best ways to roll out Box to the entire organization. And
this is only the beginning, says Levie.
“We have about five hundred partners on OneCloud today.
We hope that we can eventually get into the thousands of
developers using this platform. This is a huge part of our
strategy and what we offer to agencies and the enterprise:
Being open and being able to serve all of these different use
cases quickly, securely, and instantly.” •
Customized Content and Collaboration in the Cloud
SPONSORED CONTENT
Cloud adoption has shifted into the mainstream, according to the
third annual Future of Cloud Computing Survey, released June
2013 by North Bridge Venture Partners and GigaOM Research.
Cloud adoption was up from 67 percent to 75 percent. More
important: 52 percent of organizations say they are using cloud-
based applications to advance business priorities. Gaining business
agility, cited by 54.5 percent of respondents, was the main reason
behind the push to the cloud. Box is one of those companies
making it easier for organizations to improve business outcomes
and boost productivity for employees, partners, and, in some
cases, customers. FCW spoke to Chris Manouse, senior director,
Box U.S. Federal Government, to learn more about what the
company brings to the public sector.
FCW: What are the basic business problems that
government and other public sector organizations are
looking to solve using Box ?
Manouse: There is a range – but for many it is as simple as what
agencies call their Dropbox problem. They have employees who
want access to their content anywhere at any time on any device,
which is a good thing. However, what happens is they start to
bring in these unsanctioned tools that create a problem because
there’s no way to find out what they are doing with the content or
who they are sharing it with. This is a problem for Federal CISOs.
With Box, sync and share is table-stakes. However, we provide it
with the enterprise security controls and governance required by
the CISOs. Yet, most agencies want to do more – they want to
collaborate; they want to securely exchange content and advice
with colleagues who are not with them or perhaps external to their
agency. Furthermore, over the past several decades, agencies
have deployed very complex – and quite expensive – enterprise
applications to manage the business processes that require these
interactions, but the minute an employee leaves the building they
are instantly disconnected. In addition, if they have to interact with
individuals outside of those organizations that don’t or can’t access
those systems that presents an even bigger problem.
FCW: What are the biggest misconceptions about Box?
Manouse: Many folks don’t have visibility to the platform side of
Box, nor the enterprise security and administrative controls that
are availed to our enterprise customers. As a result, it may not be
obvious the power that Box provides as compared to consumer
tools or other point sync-and-share solutions.
FCW: Where have your government customers and users
seen the biggest benefit and return on investment (ROI)?
Manouse: In some cases it is easy – it is as easy as using Box to
replace a lot of investment for things like file shares and “S” drives,
or leveraging Box to eliminate infrastructure for things like managed
file transfer. They are spending money on storage, infrastructure,
disaster recovery, and backup and the personnel to manage these
outdated systems. The millions of dollars they spend on legacy
systems could be put to better use or be dramatically reduced.
That represents immediate ROI.
I spoke to one agency with a mission that involves recruiting –
mostly younger people. And they very much compete for the best
and brightest. In order to review the applications, which arrive in
one part of the country, they FedEx them, spending to the tune of
seven figures a year, as their means of collaboration. The simple
mechanism of creating application folders inside of Box and having
reviewers access them online would eliminate more than one
million dollars a year. Plus, they’d be more competitive because
the candidates could fill out their applications on Box and have an
electronic interface with them. Or consider an organization like the
U.S. Air Force with their initiative to bring iPads into the cockpit.
They don’t want to haul heavy, 30- to 40-pound briefcases that
contain flight manuals and instructions, plus they may be in parts
of the world where they aren’t able to connect back to the official
systems. They need to be able to get to these documents and
collaborate on the mission with field-level collaboration – and the
reduction of weight in the cockpit has the potential to save millions
in fuel cost. And there are hundreds of other use cases I could give
you, too.
FCW: How does someone find out if Box is right for their
agency or organization?
Manouse: In every single instance we sit down and discuss the use
case of what they are looking to do. Then we can stand up a test
environment that’s unique and specific to their content so they can
see that they can control everything and create content processes
that are meaningful to their missions. They can also vet the security
and compliance perspective of Box. These free pilots are typically
30 days and allow customers to see firsthand how Box can meet
their requirements from both an IT and end-user perspective.
Because the application is so intuitive, users are up and running in
no time with a full admin console on the backend for IT. •
Solving the Data Leak Issue
To learn more about Box, Inc’s products and services, please go to https://cloud.box.com/business/industry/government/.
To reach a Box representative, e-mail [email protected] or call 1-877-729-4269.