Thursday, August 2

Ten Things Your IT Department Won't Tell You - WSJ.com

The Wall Street Journal recently published a list of 10 things that are commonly banned in the enterprise but still manage to get done.

1. HOW TO SEND GIANT FILES
2. HOW TO USE SOFTWARE THAT YOUR COMPANY WON'T LET YOU DOWNLOAD
3. HOW TO VISIT THE WEB SITES YOUR COMPANY BLOCKS
4. HOW TO CLEAR YOUR TRACKS ON YOUR WORK LAPTOP
5. HOW TO SEARCH FOR YOUR WORK DOCUMENTS FROM HOME
6. HOW TO STORE WORK FILES ONLINE
7. HOW TO KEEP YOUR PRIVACY WHEN USING WEB EMAIL
8. HOW TO ACCESS YOUR WORK EMAIL REMOTELY WHEN YOUR COMPANY WON'T SPRING FOR A BLACKBERRY
9. HOW TO ACCESS YOUR PERSONAL EMAIL ON YOUR BLACKBERRY
10. HOW TO LOOK LIKE YOU'RE WORKING

This blog has talked about facebook in the past and has referenced JP Rangaswami's excellent series of articles on this subject. But this is a serious issue because organisations expend a huge amount of energy, resources and money on how to get controls in place. You see, in this day and age, we are having more and more processes which are automated. Supply chains are giant, long, complicated and very often do not have any human intervention. So breaks in the chain are extremely difficult to resolve, so IT and operations departments try to keep things as safe as possible.

Take an example of an operating theater. The human body is complicated and they keep the doors sealed, with no dust or infection coming in. They ask doctors to wash and clean their hands and wear masks. Now a doctor might skip the wash and might not shampoo, so in some cases, the controls do not work and the downside is, the patient gets sick and in some worst cases, the patient dies!. its the same concept, nobody dies, but there is a huge amount of issue and IT controls are to provide a nice, clean, low risk environment for everybody to work in. Operational Risk CAN bring down firms (remember Barings?) so for people circumventing controls (whetehr IT, operational or process), be warned, the controls are there for a reason. See here for a survey on Rogue IT.

No comments: