Scroll to top
© Optimize Consulting Inc. | All Rights Reserved

Money in your Pocket

Optimize Blog - October 31, 2013 - 0 comments

Apparently it appears that call centres in Jamaica are stapling workers’ pockets shut to prevent them from stealing clients’ data.
Reports suggest managers are so concerned about client privacy that some workers aren’t given jobs without taking lie-detector tests. Company boss Davon Crump is quoted in the Jamaica Gleaner as saying firms use staplers to ensure employees can’t sneak devices capable of downloading information, such as USB drives or mobile phones, into work. “Quite frankly it’s done across the board,” Crump reportedly told a cyber-security conference, before adding that such measures were necessary to make foreign companies confident about operating in Jamaica.
Client and other data is a key concern for all of industry and with the ongoing hacking and other security breaches such as the recent Adobe scenario, industry is correct in being concerned. All that being said, like many stated ‘priorities’ the reality is often very different from the claim with little or no real controls in place to prevent data loss in many organizations. Often the view is that it happens to others and not us but as we often state, hope is not a strategy.
Not too long ago IT security was a simple affair and little attention needed to be paid to the threat. The IT team established a secure perimeter around the system leaving the computers inside the firewall safe from harm. Locked-down desktops (that stop users installing their own software), anti-virus software, limits on the size and type of e-mail attachments were all part of the defenses; USB sticks were expensive and unreliable.
Today workers are taking IT into their own hands. To get the work done they use their own smartphones, netbooks and other digital devices. Plenty of malware, meanwhile, enters corporate networks through unsecure links shared carelessly on social networks. “The IT guys have been told to do one job, so they lock things down and rule out the use of applications such as Google docs. And the workers are told to do another job, to get their work done, so they start using Google docs, and the power balance is moving away from the IT guys,” says Josh Klein, co-author of Hacking Work, a guide on how to “break stupid rules for smart results”.
According to a survey by networking firm Cisco, 41% of workers break corporate IT policies, saying that “they need restricted programs and applications to get the job done – they’re simply trying to be more productive and efficient”. Frankly this is the biggest current threat to information security and it is a culture clash.
Employees today are much more IT savvy and have different expectations around the use of IT and applications. The whole concept of apps is to make life easier so why would this not apply in the workplace?
Ultimately, corporate IT security is not about better IT policies and compliance, not least as “the time spent between work and personal lives has blurred,” says Marie Hattar, vice president at Cisco.
“It has to be about protecting users while they are on social networking sites, not preventing them from social networking,” argues Dr Paul Judge, chief research officer at Barracuda Networks. His company estimates that about 30% of all Twitter accounts are suspicious and not used for what they are supposed to be used for.
Companies need to protect themselves and to ensure that no malicious applications are entering the corporate infrastructure.
One thing is certain in the clash between productivity, getting stuff done, and information security, progressive companies need to get a grip and find an appropriate balance. As the fortress of IT security lies in ruins and as the amount of data we generate grows exponentially, this issue is not going away.
Take a look at the information security practices in your team. Are you feeling comfortable or do you need to invest in some staplers…….?

Related posts

Post a Comment