by Mike Masnick
Wed, Dec 3rd 2008 5:17pm
Network World has a great opinion piece about the fact that no one gets fired for banning instant messaging at work, noting how security policies often over-protect at the risk of harming potential efficiencies. This has been true for years. When telephones first became common, some companies banned anyone from having a telephone on their desk. In later years, it was true of desktop computers, internet connections, certain applications and specific websites. Lately, there's been an effort to ban social networks. In each case, the reasoning is pretty clear. Security professionals want to lock things down, and the easiest way to do that is to simply ban stuff. It's not their job to see if the applications are actually useful or could provide real ROI to a company. So the real question is how can companies avoid being overly aggressive in banning applications or websites, while still avoiding opening themselves up to too much risk?
If you liked this post, you may also be interested in...
- FTC Sues D-Link For Pretending To Give A Damn About Hardware Security
- After Lawsuits And Denial, Pacemaker Vendor Finally Admits Its Product Is Hackable
- Ex-MI6 Boss: When It Comes To Voting, Pencil And Paper Are 'Much More Secure' Than Electronic Systems
- Stupid Patent Of The Month: Carrying Trays On A Cart
- European Information Security Advisory Says Mandating Encryption Backdoors Will Just Make Everything Worse