by Mike Masnick
Wed, Dec 3rd 2008 5:17pm
Network World has a great opinion piece about the fact that no one gets fired for banning instant messaging at work, noting how security policies often over-protect at the risk of harming potential efficiencies. This has been true for years. When telephones first became common, some companies banned anyone from having a telephone on their desk. In later years, it was true of desktop computers, internet connections, certain applications and specific websites. Lately, there's been an effort to ban social networks. In each case, the reasoning is pretty clear. Security professionals want to lock things down, and the easiest way to do that is to simply ban stuff. It's not their job to see if the applications are actually useful or could provide real ROI to a company. So the real question is how can companies avoid being overly aggressive in banning applications or websites, while still avoiding opening themselves up to too much risk?
If you liked this post, you may also be interested in...
- Malware Hunts And Kills Poorly Secured Internet Of Things Devices Before They Can Be Integrated Into Botnets
- Self Driving Taxis Are Going To Be A Nightmare To Secure, Warns Ex-Uber Security Researcher
- The Teddy Bear And Toaster Act Is Device Regulation Done Wrong
- German Consumers Face $26,500 Fine If They Don't Destroy Poorly-Secured 'Smart' Doll
- Techdirt Podcast Episode 116: The Truth About VPNs