Safe choices drive security policies

December 9th, 2008

Working in many companies as an IT consultant allows me to see a broader spectrum of policies, business justifications and processes than many of the clients I work with, especially if they have been with their company for many years.  One of the more vexing notions that continue to surface in different forms is making decisions based on the logic of the herd concept.  Or put another way, let’s pretend we are lemmings!  Many years ago it was “No one got fired for buying from IBM” and after that “No one got fired for hiring Andersen Consulting” and there are more permutations of this phrase than time allows to list.

A recent iteration is “No one got fired for banning IM”.  There was an article in December 1, 2008 issue that covered this topic with a touch of humor and angst, written by Andreas Antonopoulos.  

Conducting business entails risk.  Does not matter what type business you participate in.  Instant Messaging (IM) and various chat capabilities available to companies internally and externally are nothing more than extensions of using a phone or sending e-mail (really fast!!).  Those forms of communications are not banned and are seen as integral communication methods.  IM is just a variation of those methods.  It is often easier for security groups within companies to just say “NO” than to develop creative methods to support the business. 

Most companies I have worked in allow users Administrative privileges for their Widows laptops.  Even though that is a really bad idea and allows everyone to load software they bring in from home, they do not trust them to conduct business over IM.   

Let Daniel L. Ruggles  and the team at PM Kinetics, LLC help you understand and navigate the complexities of Cloud Computing, Sourcing and Capital Planning, Vendor Management, IT Security, IT Infrastructure planning and execution.