This week’s edition of The Economist has an excellent Special Report on Personal Technology.
One of the articles, IT’s Arab spring, looks at how the consumerisation of IT is affecting technology departments in large companies. In particular, the challenges that adopting consumer-centric technologies can cause for support (as a result of a much more diverse device fleet which changes rapidly) and security.
In it, this line made me smile:
[A study by IDC] accused internal tech teams of frequently using security concerns as a “figleaf” to justify keeping tight control of decisions about which devices workers may and may not use.
One of the biggest challenges in my role is that we often hear that a good idea was killed because someone said “Security will never let you do that”. Quite often, we would, and sometimes we would go out of our way to support the initiative. It’s usually the case that the idea was atypical or difficult; instead of expending (significant) effort on exploring how it might be made to work, they look for the quickest way to shut it down, which often means either “security” or cost. Changing that culture (and ours) will probably take a long time.