Saturday, November 20, 2010
A People Centric Approach To Data Security
Josh Bernoff in his book Empowered talks about how Web 2.0 tools make us think about security differently. He says that IT administrators are used to securing the network of the organization. They did not allow anyone without the right authorizations to access the network and did not let people in the organization access suspicious software or content outside the network.
With the advent of Web 2.0 tools and the subsequent adoption of Web 2.0 tools by businesses, IT leaders suddenly realize that a significant portion of software usage and information exchange between employees and customers is happening outside of what was traditionally considered the network of the organization.
For example, a customer service person may be directly interacting with a customer in twitter or in a discussion forum outside the network of the company. Two employees working from home may be using a web conferencing software hosted outside the network of the company and may be using hosted tools such as Box.Net or Evernote to exchange files.
In such situations, says Josh, focusing on the people in an organization and educating them about data security is the best approach to securing your organization's intellectual property and reputation. Locking down your organizations network is not only ineffective, but also not feasible.