Posted by: David Scott
acceptable use policy, business security, cisco, disaster recovery, InsightExpress, IT security, security policy
On June 24th, Cisco released survey results regarding use of social networking sites and the use of personal devices in the workplace. (Conducted by InsightExpress).
The survey is illuminating and very good, but I didn’t need it to know the extent of the problem. I see it every day, and I see the security breaches that result. Employees – users – are working around policy and security postures to access and utilize social networking, collaborative, and peer-to-peer sites – even obvious no-nos such as porn sites or sites with highly inflammatory content. And, employees are also installing their own apps and devices, using them indiscriminately.
Here again the enterprise has the challenge of defining what’s allowed, how, how much, and when. Often these liberties with as-yet unapproved methods and means happen within the vacuum of lagging or outdated policy that doesn’t even define, much less address, the challenges.
Workarounds have their place, but so does policy, process and sanction. Don’t let your environment turn into a Wild West of split and scattered chains of communication; or, imagine new critical contact information that exists only in spurious realms. Avoid having vital and reinforcing content that’s fractured across, and stripes through, various domains – domains and mechanisms that may be “here today and gone tomorrow” endeavors.
June 24th: On this day in 1314 was the Battle of Bannockburn; Scotland regains independence from England.