You can't secure what you don't acknowledge.SM

Friday, January 15, 2010

I'm featured in the new issue of Entrepreneur Magazine

Check this out. I'm featured in the January 2010 issue of Entrepreneur Magazine's Ask A Pro section where I talk about employee monitoring:

Magazine, January 2010. © 2010 By Entrepreneur Media, Inc. All rights reserved. Reproduced with permission of Entrepreneur Media, Inc.

In this piece, it may not be clear whether or not I support monitoring of employee email so let me clarify. I'm not for micromanagement and Big Brother but I am on the side of business when it comes to the issue of employee monitoring of email, social media, general browsing, or whatever which ultimately leads to improved information security.

Employees are there to provide some type of expertise, sweat labor, or other service in exchange for money. If people occasionally send/receive personal emails and surf the Web that's fine. You can't reasonably prevent that. However, if goofing off or otherwise putting your network and information at risk is most of what they do, huh uh. You wouldn't believe what I see (and the studies back it up) on the typical network: 50%+ network bandwidth consumed by streaming audio and video, majority of Internet browsing sessions going to Facebook, Twitter, etc.

This is not only a matter of people goofing off, being unproductive, and ultimately providing limited value to their employers but it's also creating a negative impact on the network - ultimately on IT. It's also creating security issues. Not only the malware threats but also the risk of sensitive information leaking out of the network. If employee Internet and computer usage are not being proactively monitored - regardless of the protocol or media - it's merely a free-for-all and a no doubt data breach in the making. The lesson here: know your enemy (hint: he's on your network right now) and do something about it.

Speaking of the internal threat, here's a new article I just wrote on what I believe is the real deal with the insider threat that you may be interested in.


  1. I'll have to read the article in the magazine as well, but I can say this issue will continue to worsen as the social media explosion continues and younger employees (who grow up with using these tools) enter the workforce. One of the big problems is that the use of things like Facebook & Twitter extends past the office - people post things about their day at work from home accounts not even thinking about the ramifications to their company (imagine a post from an Apple employee: "I just saw the coolest iPad 3 demo with new iOS5 and supercool gadget widgetron").