Computer Literacy Isnt Kid Stuff

Opinion: When it comes to encryption, senior managers can't afford to lack tech savvy in today's world.

The label of "computer literacy" isnt useful for much besides inducing taxpayers to spend too much on irrelevant classroom technology.

It can be used to describe a working knowledge of the generic menu-driven interface of file and edit menus, as well as associated concepts such as files and directories.

It can equally be applied, though, at a much lower level, to the basics of digital circuitry or, at a much higher level, to a strategic perspective on information acquisition and use.

A label that means so many different things means practically nothing. Defining computer literacy is like trying to define "life," "space" or "energy"—pursuits that may be entertaining but dont really bring much to the bottom line or shorten your to-do list.

Thats no excuse, though, for failing to come to grips with the need for senior managers to get a clue about the century in which they live.

Computer literacy may be hard to define, but computer illiteracy is costly.

/zimages/3/28571.gifClick here to read about the struggle for communication between IT help desks and customers.

What got me going on this was the story that came to light in April about Bernardo Provenzano, accused of being a real-life "boss of bosses" of organized crime in Italy. Provenzanos arrest was quickly followed by the discovery of a mass of encrypted correspondence.

My fingers rebel at typing the word "encrypted" in this context, since the method that Provenzano used has been accurately described by crypto guru Bruce Schneier as barely good enough "to stop your kid sister from reading your files."

The hundreds of recovered notes used the same technique of shifted letter-to-number conversion as a 1940s Captain Midnight decoder—a classic toy. Perhaps its no coincidence that this was the state of the art in personal crypto technology when Provenzano was an impressionable preteen.

And Id be complimented if any reader of this column recalls, at this point, that I said this would happen—not that a crime boss would be indicted by his own poor choice of algorithms, but that shallow knowledge of infosec practice would make someone think that any encryption method is as good as any other.

My comment came in the context of Californias SB 1386 law mandating disclosure of security breaches when "unencrypted personal information [is] acquired by an unauthorized person." As I observed here in July 2003, "Weak crypto algorithms or poor implementations of good algorithms or poorly administered deployments of even robust crypto products are equally hollow in their promises of protection."

Even so, that California law uses the word "encrypted" as if its a yes-or-no attribute—and a man of questionable character, but with enough intelligence to elude the law for four decades, seems to have made the same mistake.

Managers who dont "get" technology are a staple of comic strip humor, but Provenzanos example ought to give that laughter a nervous edge. Do you work with senior managers—intelligent people with plenty of good business sense and considerable domain expertise—who are dangerously out of touch with some of the fundamental changes that have taken place in just the last 10 years, let alone since they were last on a campus as anything but honored guests?

A manager who is not yet 60 years old may have been imprinted in his or her 20s with the idea that databases are tools for storage, not for analysis. While your competitors are data mining with tools like SPSS Clementine, your company may think that its keeping managers informed by giving them data dashboards that require looking for patterns instead of letting algorithms spot them sooner.

A manager may think that data entry is something done by people filing end-of-day reports, while your competitors are deploying bar code and RFID (radio-frequency identification) scanners feeding real-time monitoring systems. The competition may be getting, on average, at least a half-day lead in responding to changing situations—and that can be enough to make a difference.

The boss can be a tough, smart person but still have IT blind spots that can bring an enterprise down. If people are afraid to say so, thats a truly bad sign—a faithful consigliere owes it to his capo to say what must be said.

/zimages/3/28571.gifClick here for reader response to this column.

Peter Coffee can be reached at

/zimages/3/28571.gifCheck out eWEEK.coms for the latest news, reviews and analysis on IT management from