jump to navigation

Skin on Metal December 7, 2007

Posted by Michael McVey in Colleagues, Hardware.

glasses   “How many pairs of eyes do you have?”

When I first began work as a Director of Technology, I would amuse myself by gathering up my network manager’s reading glasses from behind computers, under desks, next to phones, wherever you could lose them in the normal course of a day. When I reached thirty pair of them I just piled them on his work bench.

When you only have one pair of glasses, you tend to take care of them. When you have thirty pair, you become careless. Such is the case with IT security these days.  According to the Great Lakes IT Report, almost 40 percent of IT professionals have lost a handheld computer, zip disk, or memory stick. Half of the respondents copy secure data onto memory sticks and almost half appear not to have a basic understanding of basic security policies.

If each memory stick cost a couple of hundred dollars, I suspect we would be more circumspect about the information we transferred onto it and where we kept the little thing during the day. But if they are as easy to come across as a cheap pair of reading glasses, then there is little motivation to monitor them.

It’s interesting to me that part of the solution to IT security is so bound up with basic human traits and habits. In the IT world, where the “rubber hits the road” is where the “skin touches the metal.”



1. Kevin J. Galbraith - December 7, 2007

It’s true, USB drives are the floppy disks of the current decade for some. I remember shuffling through the piles of floppies 15 years ago, looking for “the one I saved that file on.” Today, it’s common to see people fingering away at the various USB drives they carry in their laptop backpacks, while muttering, “where’s the one with the PDF!?”

Luckily, I think I managed to miss the glut of USB drives. I do have a few, but mostly to put things on to give to other people… and I don’t give files with sensitive information. Doing it this way, I hope I’m creating fewer CD-Rs that will eventually end up in a landfill someplace.

You can read the entire “Data Security Policies Are Not Enforced
US Survey of IT Practitioners” report here: http://www.redcannon.com/documents/RedCannonPonemonReport.pdf

2. Jane - December 7, 2007

Mike and Kevin, thanks for the valuable insights. In our MI-LIFE curriculum launching next month, we instruct on the use of USB drives, but now, thanks to you, we will include the importance of security and offer the Red Cannon report as a resource.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: