The other integrity is at risk, as well
My major concern is their disregard for “the other integrity.” Coming from one of America's most respected publications, this list legitimizes inappropriate conduct. The WSJ represented corporate best-practice security policies as “10 problems” that require end-users to apply “tricks” to get around. Despite the fact that employees sign acceptable use policies that forbid these actions, the WSJ suggests these tips can be used with minimal risk.
I believe this article has the net effect of encouraging behaviors which could get employees fired, cause a security breach or result in lost reputations and/or dollars. Their “security experts” provide details that could, if followed, compromise the integrity of an individual, a corporation or a government organization. IT professionals already struggle to combat cultural bias against safe computing and good security practices. Are they suggesting that the end justifies the means?
The sad part is that well-intentioned readers are deceived. I have seen these suggested actions lead to numerous personal disasters. Like buying a radar detector to speed on highways, this article demonstrates the opposite of open and transparent surfing while at work. If this advice is followed, corporate protections for sensitive information, legal compliance and ethical training would all be undermined.
This piece should instill fear regarding our future security effectiveness, especially if we lose the hearts and minds of the masses. Is this a one-off or the harbinger of things to come? Will the good guys turn away from us?
My main message in response to readers of this article is simple: your integrity is at risk — the other integrity.
From the - October 2007 Issue of SCMagazine »