Fear, Uncertainty and Doubt
Why, when there are so many fundamentally sound reasons for a company to do good security, do the security professionals seem to always fall back to trying to motivate through FUD? Why aren’t you guys out there talking about improving IT efficiency, delighting your business users, enabling corporate strategy, reducing operating overhead and so much more?
Here’s a great example for you.
Security and IT are busy fighting iOS, BYOD and mobility. Especially iOS … something about enterprise IT not liking iOS, I suppose. And the fight is led by people using a ton of FUD.
All those things that security people claim they have wanted for years are built in to iOS and the hardware. These devices have always on hardware encryption, geolocation, local and remote device wiping, call home, application sandboxing and much more. They are, straight out of the box, more secure than just about any laptop straight out of the box.
Instead of embracing these devices, though, we spend all of our efforts fighting against them because they are BYOD, or mobile, or consumer IT or something. Instead of preferring that our employees access their email and sharepoint sites with a device that they want to keep handy so they can play Angry Birds, we talk about the dangers if these devices are lost or stolen. Instead of helping enable employee efficiency, we want to insist on corporate Blackberries and Dell laptops.
Security guys, if you keep this up, you will be ignored and made irrelevant. Stop the FUD, start focusing on great security aligned with your business.
