Playing on the gap between what employees do with their work computers and their IT departments’ wishes that they wouldn’t, The Wall Street Journal ran an article titled, “Ten Things Your IT Department Won’t Tell You” July 30. Situation sound familiar?
Really, how could it not be: There is no question that for a good lot of employees, their work computer is a “home away from home” where they shop for birthday gifts, watch YouTube and IM with friends to make evening plans, even when they have the full knowledge that it goes against their employers’ policies.
Is it because employers and IT departments are green meanies, control freaks and generally no fun whatsoever? The WSJ seems to know that this is not the whole picture:
“Partly, they want us to work while we’re at work. And partly, they’re afraid that what we’re doing compromises the company’s computer network — putting the company at risk in a host of ways. So they’ve asked their information-technology departments to block us from bringing our home to work.“
And yet, the WSJ proceeded to inform readers of 10 ways they could get around their IT departments, from surfing blocked sites without leaving any traces to carrying on IM chats without downloading software, while only giving brief mention to the security risks at hand.
Predictably, IT professionals not pleased. Running responses with titles including “Taunting the CIO,” “Sanity Check: Did The Wall Street Journal sabotage businesses…?” and “The Wall Street Journal’s Irresponsible And Dangerous Attack On Corporate IT” the vast majority called the article unequivocally damaging, naïve and a CSO’s worst nightmare.
The web log, An Information Security Place said “the WSJ needs a smack upside the head.” Andy IT Blog, wrote an open letter to the WSJ reporter, Vauhini Vara,
“As a security professional my days are filled with trying to protect the assets of my company. I strive to educate my users to practice safe security and not do things that will put the network or the company at risk. Your article has just thrown lots of work out the window.“
Yet, others took a more far-sighted approach, reasoning that users already know how to do all of this stuff as the information was available elsewhere but also that perhaps its time for IT departments to take steps to bridge the gap between what users want and what they know is safe.
Ceasing framing the issue as a “Users Versus IT” war, helping users take part in safe personal computing–from shopping to emailing to IM-ing in their workplace downtime, and for CIOs and corporations to recognize that an iron fist is not going to keep employees happy were some of the suggestions that stood out in responses, and in all likelihood, are the trains of thought that will keep IT departments relevant in the Enterprise 2.0 hereafter.
