Jurassic Plaque: How Fear Impedes Security

Opinion: If the most fearful users set security criteria, the real goal is forgotten in a neverending quest for more security.

God help us; were in the hands of engineers." – Dr. Ian Malcolm, Jurassic Park

In my last column I explained how organizations that enforce the strictest corporate security are often the ones that end up being the least secure.

Contemporary technology and the way contemporary technologists implement it are partially to blame, but most of that paradox is something most companies can repair—with enough money, time, interest and experience. What you cant change is the response of the end users to overly secured systems.

Its not just people writing their passwords on Post-It notes; its the loss of productivity that comes from the quotidian rassling they have to do with appliances they have to use to work and the resulting loss of faith in the mission the appliances are supposed to support.

Life Finds a Way

Unless youre running a Red Chinese bonded sweatshop or a sheltered workshop in the States, the people who use your systems are motivated in such a way that theyre much more productive when management shows respect for their time than when it doesnt.

Technologists and naïve executives often approach security as though securing the appliances is the mission. The key instigator of that trend is the lust for a level of security that goes beyond what people, technology and time can achieve gracefully.

In pushing the systems beyond what they were designed to achieve, management is warping the implementation and making it something that gets a little more effective at protecting itself from external predators while becoming a lot less productive for the people its allegedly serving.

/zimages/5/28571.gifRead the full story on CIOInsight.com: Jurassic Plaque: How Fear Impedes Security