Aligning Security with the Business

Written by

Do you know the feeling? You should share a large file with somebody outside your organization. The file is too big to be sent by e-mail. What can you do? Well, you might have a service by internal IT (we have one) that is not really user-friendly, hard to use and – as you do not need it too often – you are never able to remember where this single e-mail is that describes how to use the service. Right?

Well, this is partly because of the mailbox sizes and DOS on mails, attachments are limited. But why do we not have an easy way to share public information (e.g. the presentation deck I need next week)? Guess what happens:

Survey: 85% of Employees Under 25 Use Personal E-Mail Accounts for Work

A surprise? Really? Not for me…

The main reason these workers turn to personal email seems to be the attachment size limits of their official work email accounts. As we’ve reported, Palo Alto Networks found that Web-based file sharing such as Megaupload is also very popular in the workplace.

Do you like your files on public file sharing sites? Even public files? I do not.

…or…

…I also noticed that many employees used personal accounts for work because they didn’t have offsite access to their company email

Well, there is OWA or DirectAccess – no need for the clumsy and not-user-friendly VPN anymore…

And we feel so good with our policy not to allow these things… We block certain websites, without giving the user an ability to solve the business problem. The user circumvents security and the security people sleep very well as they have such a stringent policy.

This is definitely a wrong perception of security.

Roger

What’s hot on Infosecurity Magazine?