I participated on a panel discussion at SecureWorld Boston yesterday. The discussion topic was striking a balance between productivity and security and it yielded three thoughts that I would like to discuss in today’s blog.
- The notion that our companies are going to employ the same type of security policies that we used over the last 30 years is ludicrous. With the arrival of the digital natives into the workforce, simply assuming that your new knowledge workers can adapt to your existing security policy is a farce.How do you establish security mechanisms for information when the people who use this information and data on a daily basis have a much more radical perception on information security and risk? Most digital natives think nothing of providing personal information via the Internet because there is a firm understanding that the information already exists there. These digital natives have grown accustomed to the idea that you should check your credit report every six months and always look for fraudulent charges when the statement arrives.
That’s much different than the digital immigrants, who were taught to hold onto information as if it were classified government secrets. Unfortunately for us (I am also a digital immigrant), the digital natives will take over the workplace and that means the policies and technologies that we put in place to ensure proper risk mitigation have to be elastic and extensible to give new workers, new partners, and new customers the experience that they will be accustomed to in this world of digital natives.
Action item: Be prepared to create security policies and procedures that take into account the contextual sensitivity of the owner and user.
- Speaking of information technology over the last 30 years, isn’t it amazing that FTP, HTTP, and SMTP continue to be the focal point of where companies need to perform risk mitigation, data loss prevention, malicious code detection, and every other security buzzword there is? Why is that? Because more often than not, those of the forward facing protocols were implemented by humans. Got to love it.
- My last comment during the panel was controversial…so why not repeat it? The question from the moderator was: What should companies do today to best balance worker productivity and security concerns?
My answer was that all companies should single out people. Each of those people should be tasked with understanding everything about the current and future strategies of Microsoft, Google, Apple, and IBM. Microsoft because they make insanely difficult computing tasks ridiculously easy; Google because they do the above for free; Apple because they do the above and aim to have consumers bring their technology into the organization; and IBM because they will perfect it and charge enterprises a premium.
Just something to think about…
Frank Kenney is Vice President, Global Strategy and Product Management at Ipswitch, responsible for defining the company's vision and strategy and integrating his global perspective into the products, services and messaging. Frank brings an unmatched depth of experience and knowledge in the managed file transfer space to the team. Most recently, Frank was a Research Director at Gartner, Inc., responsible for analyzing topics including managed file transfer, application integration, SOA, and business process management. He initiated and drove the Magic Quadrants on managed file transfer and SOA governance technologies. Before joining Gartner, Frank was Director of Creative Services and Content Distribution at the Executive Business Group. Frank holds a degree in Music Technology from the Center for the Media Arts and has studied English and Computer Science at University of Tampa. When not working, Frank can be found living the life of a frustrated musician and producer in his home studio in Tampa.
One Response to “Striking a balance between productivity and security”
Leave a Reply