Make It Personal

By  Ben Halpert — December 01, 2007

While speaking at a recent information security conference, I was asked an insightful question by an audience member: "How do we, as security practitioners, relate enterprise security decisions to the individual user?"
To put the question in perspective, it was asked in relation to the banning of the iPhone by the vast majority of enterprises due to the device's lack of builtin security controls. My response: "the key is to bring the risk home to the user."
It's important to give technology users more information than just simple policy statements that prohibit certain actions. Items that should be mentioned when disseminating security related decisions include:
* relevant background;
* potential risks to the organization;
* potential negative impacts to personal data if such risk management strategies are not also applied on an individual user basis.
Instead of just focusing on risks and protection of sensitive information for the organization, relate such positions to the potential risk an employee would face if their own personal information were compromised. I don't personally know of anyone who wants to become a victim of identify theft. The same is true for organization security issues. People will typically do the right thing with regard to protecting an organization's sensitive information, as long as they are informed of the rationale behind such decisions.
BEN HALPERT, CISSP, is an information security researcher and practitioner and writes monthly about security. Send comments, questions and requests to him at editor@mobileenterprise; please include SECURITY in the subject line.


comments powered by Disqus

RATE THIS CONTENT (5 Being the Best)

Current rating: 0 (0 ratings)



Must See


EKN Research: How Mobile is Driving Personalized Context and Engagement

Retailers and hospitality enterprises are well aware that mobile technologies must be driving consistently high standards of in-store or in-location customer engagement. These are key imperatives for customer relevance, financial gains, loyalty and brand advocacy. However, more often than not, such standards break-down in stores due to a wide variety of reasons. Download this benchmark report to understand how mobile is driving a more personalized engagement and key business pains, performance and capabilities related to in-store customer engagement.