Opinion: When it comes to encryption, senior managers can't afford to lack tech savvy in today's world.
The label of "computer literacy" isnt useful for much besides inducing taxpayers to spend too much on irrelevant classroom technology.
It can be used to describe a working knowledge of the generic menu-driven interface of file and edit menus, as well as associated concepts such as files and directories.
It can equally be applied, though, at a much lower level, to the basics of digital circuitry or, at a much higher level, to a strategic perspective on information acquisition and use.
A label that means so many different things means practically nothing. Defining computer literacy is like trying to define "life," "space" or "energy"pursuits that may be entertaining but dont really bring much to the bottom line or shorten your to-do list.
Thats no excuse, though, for failing to come to grips with the need for senior managers to get a clue about the century in which they live.
Computer literacy may be hard to define, but computer illiteracy is costly.
Click here to read about the struggle for communication between IT help desks and customers.
What got me going on this was the story that came to light in April about Bernardo Provenzano, accused of being a real-life "boss of bosses" of organized crime in Italy. Provenzanos arrest was quickly followed by the discovery of a mass of encrypted correspondence.
My fingers rebel at typing the word "encrypted" in this context, since the method that Provenzano used has been accurately described by crypto guru Bruce Schneier as barely good enough "to stop your kid sister from reading your files."
The hundreds of recovered notes used the same technique of shifted letter-to-number conversion as a 1940s Captain Midnight decodera classic toy. Perhaps its no coincidence that this was the state of the art in personal crypto technology when Provenzano was an impressionable preteen.
And Id be complimented if any reader of this column recalls, at this point, that I said this would happennot that a crime boss would be indicted by his own poor choice of algorithms, but that shallow knowledge of infosec practice would make someone think that any encryption method is as good as any other.
My comment came in the context of Californias SB 1386 law mandating disclosure of security breaches when "unencrypted personal information [is] acquired by an unauthorized person." As I observed here in July 2003, "Weak crypto algorithms or poor implementations of good algorithms or poorly administered deployments of even robust crypto products are equally hollow in their promises of protection."
Even so, that California law uses the word "encrypted" as if its a yes-or-no attributeand a man of questionable character, but with enough intelligence to elude the law for four decades, seems to have made the same mistake.
Managers who dont "get" technology are a staple of comic strip humor, but Provenzanos example ought to give that laughter a nervous edge. Do you work with senior managersintelligent people with plenty of good business sense and considerable domain expertisewho are dangerously out of touch with some of the fundamental changes that have taken place in just the last 10 years, let alone since they were last on a campus as anything but honored guests?
A manager who is not yet 60 years old may have been imprinted in his or her 20s with the idea that databases are tools for storage, not for analysis. While your competitors are data mining with tools like SPSS Clementine, your company may think that its keeping managers informed by giving them data dashboards that require looking for patterns instead of letting algorithms spot them sooner.
A manager may think that data entry is something done by people filing end-of-day reports, while your competitors are deploying bar code and RFID (radio-frequency identification) scanners feeding real-time monitoring systems. The competition may be getting, on average, at least a half-day lead in responding to changing situationsand that can be enough to make a difference.
The boss can be a tough, smart person but still have IT blind spots that can bring an enterprise down. If people are afraid to say so, thats a truly bad signa faithful consigliere owes it to his capo to say what must be said.
Click here for reader response to this column.
Peter Coffee can be reached at email@example.com.
Check out eWEEK.coms for the latest news, reviews and analysis on IT management from CIOInsight.com.