Malice in Wonderland

Tue, 16 Mar 2010 17:14:41 GMT

Lewis Carroll described the IT security scenario CIOs face perfectly

Despite best efforts by enterprises and security vendors; recent news stories and the prevailing opinion of executives I talk with both indicate a growing concern over information theft from malicious activity. Is this concern justified?

Data from the threat assessments we have carried out across the globe would certainly seem to indicate that it is. Based on 130 assessments...

Social networking is coming, so plan your policies

Tue, 16 Feb 2010 10:55:04 GMT

Social Notworking?

Enterprise social networking can take many forms, in-house wikis, blogging platforms, podcasts, vodcasts or full blown social networking platforms. Jimmy Wales, the co-founder of Wikipedia, famously described these as environments that "practice the philosophy of making it easy to correct mistakes, rather than making it difficult to make them" and that is the source of the discomfort within the enterprise when it comes to adoption of social networking.Nevertheless, indications from business seem to say that enterprise adoption is coming whether officially sanctioned or not. Much as earlier technologies such as email or instant messaging (or, if you can remember that far back, even the presence of a telephone on your desk) social networking platforms afford employees opportunities for communication and collaboration which are difficult to deny. With hindsight, the benefits to business are clear. It is my feeling the same will be said of social networking and other collaborative platforms in the future.Social networking can be, and is being, used to reach out to your customers to solicit feedback on product launches in real-time, to proactively engage with less than satisfied customers and fix their problems, to create awareness of new social or commercial initiatives and in many cases to forge entirely new commercial infrastructures as we see in the music industry. Producers can open dialogue directly with consumers and create a feedback loop that drives innovation and improves customer understanding. Even mega corporations such as IBM have been engaging in their "Innovation Jam" using online collaboration tools since 2006 engaging tens of thousands of participants across the globe.As Jimmy Wales noted though, these platforms do not eliminate the possibility of mistakes; in fact often their high public visibility and open nature could be said to exacerbate that possibility. An ill-considered remark in the confines of the office may be cause for disciplinary procedures, but it doesn't affect your external image in most cases. An ill-considered Tweet though can generate pages of negative publicity and cause severe brand damage, look no further than Vodafone at the beginning of February or the Virgin Atlantic cabin crew who insulted their customers and questioned the cleanliness of their aircraft.The examples above do not of course cover the full range of security considerations around social networking; hijacked accounts, posting of confidential information, the ever increasing popularity of web 2.0 as an infection vector, shared passwords for shared accounts and the lack of audit trail and time wasting all help fill it out the portfolio a little. Blanket bans will only serve to spur your employees into creative ways around your roadblock, perhaps by using those risky "anonymous" proxies that spring up like mushrooms.Even against the background of all those risks though, the possibilities for collaboration and communication between disparate but connected groups on varying platforms over great distances, plus the human desire for sociability, all mean that social networking is coming to the workplace if it isn't already here.It's up to you if you manage it, or cope with it...Further reading:Power to the people? Managing technology democracy in the workplace - http://graphics.eiu.com/marketing/pdf/Technology%20Democracy.pdf

What's the problem with DLP?

Thu, 28 Jan 2010 12:27:17 GMT

DLP never came to fruition in 2009, but will become critical for CIOs

2008 was the year that major security vendors were in acquisitive mood for Data Leakage Prevention technologies. All expectations were that 2009 should be the year that saw the first major enterprise deployments of this technology, but it has been slow in coming to say the least. So what is the problem with DLP?

To my mind there are two distinct issues, the first is really the lack...

CIOs must control the cloud to ensure security

Mon, 14 Dec 2009 12:07:51 GMT

Trend Micro expert puts his faith in CIOs to make cloud computing a security success

Three quarters of UK CIOs see security as being the major barrier to cloud adoption according to recent research and yet if you take a look at the Wikipedia (I know, I know) entry on cloud computing, security is listed as one of the key characteristics of cloud-based services, how can this be?

Conservative Technology Forum focusses on data ownership

Thu, 19 Nov 2009 11:58:46 GMT

What will the Tories do if they win?

At the beginning of this week I was invited to be a speaker at the Conservative Technology Forum alongside Liam Maxwell.

Rik Ferguson

Malice in Wonderland

Social networking is coming, so plan your policies

What's the problem with DLP?

CIOs must control the cloud to ensure security

Conservative Technology Forum focusses on data ownership