Login, change your address, subscribe to new or manage current magazines or e-newsletter subscriptions
ComputerWorldNetwork WorldCIO CanadaCIO Canada Governments' ReviewJobUniverse Canada
Advanced Search
Knowledge Centres
Content Types
Featured White Papers
Unlock the potential of data with the right data warehouse solutionUnlock the potential of data with the right data warehouse solution read more
IBM Multiform Master Data Management: The evolution of MDM applicationsIBM Multiform Master Data Management: The evolution of MDM applications read more
Closing the data privacy gap: Protecting sensitive data in non-production environmentsClosing the data privacy gap: Protecting sensitive data in non-production environments read more
Yuk it Up
Green IT Playbook
Featured IT Quiz
IT Quiz: IT World Canada and IDC Canada want to know how your Green IT strategy is shaping up. Take this quiz to see how your company stacks up against other IT World Canada readers.
Featured White Papers
This white paper details Intel's current and future energy-saving initiatives to reduce costs and support business goals. Learn how Intel IT is extending its efforts to be a role model enterprise IT organization by supporting the Climate Savers Computing Initiative, which aims to drive a 50 percent reduction in computer-related CO2 emissions worldwide. No registration required.
CIO Green IT Playbook
Sign-Up for
Leadership
eNewsletter Delivered Weekly
Click here
Page 1 of 2

Coping with consumer technology

A tide of consumer technology is sweeping through our organizations, and CIOs must not let security get swept away with it. Here’s some advice on staying high and dry.

You’ve noticed it seeping into the IT workday. An end-user calls the support desk for help connecting a new iPod to the desktop. Another asks how to add Skype capability to the desktop. Consumer IT – technology and devices initially designed and marketed for use in the consumer space – has infiltrated the workplace.

CIOs overseeing the invasion of consumer technology know it’s not enough to simply write a management policy, post it on the intranet and then revisit it a few years down the road. “Stagnant policies and procedures just aren’t practical for these types of technology,” says Rob Israel, vice president and CIO at $400 million John C. Lincoln Health Network. Policies need to be revised on a regular basis according to user needs and organizational security concerns – Israel revisits his every four to six months. And for any policy to work, CIOs need to have a strong communication strategy, involve users in policy creation, build in security and find a balance between restriction and freedom of use.

COMMUNICATE EXISTING POLICIES

“I know some CIOs who have 150 or 200 security policies. That’s just way too many,” says Israel. His consumer IT-related policies total 30. The limited number makes it easier to communicate the policies and their updates. When Israel’s team makes a policy addition or change, they explain the rationale to users with straightforward language. “We’ll say ‘Do you know why we encrypt email?’ Then, we’ll explain why we do it in three or four sentences,” he says.

INVOLVE THE END-USER COMMUNITY

Jay Dominick, who recently became CIO at the University of North Carolina after holding that position at Wake Forest University, sees more consumer technologies being introduced everyday. Most come from students who tend to have both disposable income and time on their hands.

“Our policy-making process involves multiple layers of faculty, staff, student input, and the legal office, so it can take six months or a year to reach consensus,” said Dominick, while still at Wake Forest. In 2000, when Napster hit university networks, Dominick said, “it took almost two years before there was a response from universities as to how to manage it.”

That was then. Students now have input in forming these policies, so the specifics get socialized among the user community before a policy debuts. This way there are no surprises. “A policy that is a surprise won’t get followed,” said Dominick.

BALANCE POLICY STRICTNESS

Given the confidentiality restrictions around patients’ medical data at the John C. Lincoln Health Network, Israel employs a high level of strictness in his usage policies for consumer IT.

At Kennametal, a $2 billion industrial manufacturer, there’s more leeway. IT works closely with end-users to find suitable workarounds to its strict policies, says Raj Datt, VP and CIO of Global Information Technology. An example is a request for YouTube functionality by the sales staff. “Our sales team came to us asking for functionality so they could show potential clients current pricing and inventory…from a video perspective. We responded by enabling BlackBerry access to our ERP system for realtime customer data,” says Datt. Working with users to create a viable alternative has helped change their view of Kennametal IT from that of a cost centre to a value-driven organization. “If we don’t give them an alternative, then they would just bypass IT,” Datt says.

Page 1 of 2
Send to a Friend  Rate This Page  Print This PageAdd a new comment
Bookmark this article on:
del.icio.us| Digg it| Furl| Google| Technorati| StumbleIt| Yahoo!

Have something to say about this article? Add a new comment

If you find a comment inappropriate, You can notify the moderator by clicking the Report an innapropriate comment icon.
ADD A COMMENT
Name:*Your email address will not appear online and will be used only in the event that the editor wishes to contact you personally for additional comment.
City:
Email:
Title:*
Comment:*
* required fields



Related Content
Articles

Book Reviews

Special Advertising Partners
IDC Case Study: Identity And Access Management Buying Criteria.
IDC analyses IAM buying criteria and deployment at Coppin State University. Coppin State replaces "first generation" IAM solution to obtain benefits needed for today's agile enterprise: ease of integration, rapid deployment, simplified compliance, flexibility.
White Papers
Closing the data privacy gap: Protecting sensitive data in non-production environments
How can IT organizations protect sensitive data, including employee and customer information, as well as corporate confidential data and intellectual property? Industry analysts recommend "de-identifying" or masking data as a best practice for protecting privacy. This white paper explains the importance of closing the data privacy gap in non-production environments, and provides guidance on effective data masking. Complimentary with registration. Sponsored by IBM.
Unlock the potential of data with the right data warehouse solution
Once you've made the decision to implement a new data warehouse, you want to make sure you choose the one that's right for your organization. This buyer's guide provides checklists for starting points that you can use when evaluating vendors and their products. Complimentary with registration. Sponsored by IBM.
Prepare for a more efficient SAP implementation: Take data issues off the critical path
This white paper outlines how the Preliminary Data Assessment Appliance (PDAA) from IBM can help address the challenges of integrating data from different operational applications across the enterprise to an SAP platform. Complimentary with registration. Sponsored by IBM.