Collaboration Technologies Are Here to Stay!
During a Steering Committee planning call for IANS’ Lone Star Information Security Forum in mid-June, Chairman and Keynote speaker James Beeson raised a very interesting point that I hope all security professionals will consider seriously: collaboration technologies are here to stay! Security professionals need to accept them and start leveraging these technologies to their advantage.
In Mr. Beeson’s opinion, the gap between Baby Boomers, who have generally worked their way up to management positions and thus dictate policies, and Generation Y is causing tension, particularly evident for info sec professionals. Having grown up with email, instant messaging, and texting, Gen Y is accustomed to using these tools as primary modes of communication. As this generation makes up a larger portion of the workforce, the demand for access to these tools will be greater with each new class of entry-level hires. They communicated with professors and fellow students online, registered for classes online, accessed course material over the internet, never had to wait for a book to be shipped from another library in order to do research, accessed grades through their mobile, and ordered late night pizza via campusfood.com. Their expectation of a virtual communication style is already well established and a key to their efficiency in the workplace.
So is it a stretch to think that these same people will communicate with their peers in a work environment any differently? Why wouldn’t Gen Yers negotiate a $5 million dollar business deal via text?
There have been many demonstrations of how social media is positively affecting communication and collaboration. Take, for example, the Haiti earthquake last year. Immediately after the devastating incident, non-profit organizations were able to set up assistance and aid programs leveraging networks on sites like Facebook, Twitter, and LinkedIn. Seemingly instantly, people could donate time and money to these relief efforts through one simple text, and it was all done securely without a single breach reported!
In a business environment, text is now being used as an effective form of 2nd factor authentication. Considering the SecureID breach, security teams are searching for different authentication schema to protect critical assets. In response, a new breed of mobile two-factor authentication tools, like those from PhoneFactor and SMS Passcode, are popping up and offering security reliant upon social communication tools in a business environment (which is a sigh of relief for security professionals).
A real life example, described by Mr. Beeson, of good use of technology for collaboration is a programmer uncovering a suspicious line of code. With his mobile available he can take a picture of it and text it to his programmer friends or post it to an online forum asking for their thoughts and opinions. Immediately he will receive feedback, cutting down the mean time to solution. While this case certainly demonstrates opportunity, there is also great potential for the misuse of technology. According to research conducted by the CSI/FBI, the insider threat is just as real, and potentially more costly, than externally based attacks. Thus, security professionals cannot ignore the “bad” of social collaboration based on fear alone, but they must understand that blocking social technologies can undermine the “good” that can come from employees responsibly sharing information.
Considering this, it is time security professionals accepted the reality of social media and instead of trying to block it, allow it on their networks and find ways to leverage it. No one is suggesting unfettered access that offers employees the ability to waste their day on social networking sites, post confidential information where it’s not supposed to be, or let sensitive data leave a company’s purview.
What IANS is suggesting, based on the feedback from our Steering Committee and Forum delegates, is that security comes together as an industry to discuss how to securely innovate around social and collaboration tools that will advance business. This, after all, is the goal of most of our security clients; to move beyond Security 2.0 into a phase where security is the cornerstone of business decisions. The debate on social media in the workplace is a hot topic among IANS clients and, although our clients are at various stages of allowing social media sites on their networks, offering incentives for BYOD, and encouraging collaboration through company sponsored tools like instant messaging, one message rings loud and clear: no matter your current stance on collaboration tools in the workplace, create strong, enforceable, and regularly revisited policies that are backed by both security and lines of business.
We invite you to attend one of our upcoming Forums and join the discussion with key security executives across the country – we’d love to hear your thoughts on how to achieve these goals!
Archives
- March 2012 (2)
- February 2012 (2)
- January 2012 (3)
- December 2011 (5)
- October 2011 (1)
- September 2011 (1)
- August 2011 (4)
- July 2011 (4)
- June 2011 (5)
- May 2011 (7)
- April 2011 (4)
- March 2011 (4)
Next Event
Space is limited, reserve your spot today