Tag Archive for Management

| January 31, 2013
Comments Off on Are Users the Future of CyberSecurity?

Are Users the Future of CyberSecurity?

Are Users the Future of CyberSecurity?Gartner is shopping the idea that the people using IT systems and corporate data are perhaps the best ones to guard them. They are calling the People Centric Security (PCS). According to a ZDNet article, People Centric Security loosens IT controls and relies on end-users to assume responsibilities for protecting IT systems and data.

Gartner logoTom Scholtz at Gartner (IT) presented the idea at the recent Gartner Identity and Access Management conference. They explained it this way, empower users with responsibility for systems and data important to their work, sprinkle in consequences for breaching that responsibility, and users will do the right things to secure their environment.

Gartner argues that the convergence of social, mobile, cloud and big data are eroding corporate boundaries and controls in many areas long thought to be state-of-the-art defenses. “The current approach in developing policies and controls doesn’t scale to current realities,” Mr. Schotlz said.

users will do the right thingMr. Scholtz argues current information security policies and tools grind on productivity. He says the relationship between IT, the business, and workers has transformed and necessitates a change in regard to information security. “In this brave new world, what we do as security people is viewed as negative. We are the people who slow things down.

However, Gartner is not advocating losing all controls and policies only loosening them. Mr. Schotlz argues that taking away controls on data and replacing them with new user-based responsibilities, principles, and rights may just improve end-user focus and produce a more managed and secure environment.  “We cannot forget about the bad guys outside our enterprise; we do not get rid of all our defenses,” he said.

We treat them like childrenOne of the realities in the current approach to information security is we treat the 95% of people that want to do the right thing, we treat them like the bad people in order to protect against the bad things done by the 5% of people who have bad intentions,” said Scholtz. “We treat them like children, and if you treat people like children, they will act like children.

The PCS goal is to implement a “trust space.” ZDNet explains that concepts surrounding “mutual trust” are not new, they have been used in traffic planning, Europe’s Schengen Agreement, open source, and even cloud computing, where companies trust that large providers will protect their data as part and parcel of protecting their own valuable brands.

Gartners People Centric Security Principles

Such an environment “makes it easier to monitor for exceptions, the good people are not trying to circumvent the controls,” says Scholtz.

Protect your dataGartner’s Scholtz knows PCS is not for everyone and that implementation requires cultural and educational challenges. “Maybe we could develop a situation where we have a set of underlying principles that underpin how people use data and how they access systems, and we link those with specific individual responsibilities,” he said. “Maybe we get a more collaborative and social environment.

There are specific requirements if PCS is to prosper according to the article, the process has to be top-down and there have to be effective punishments for those that abuse their rights. Scholtz admits his concepts are in the embryonic stage, but that they will evolve in the coming months as he works with select enterprises. He noted that a European bank and a U.S.-based agricultural business are already adopting PCS concepts.

 rb-

How crazy do you think the PCS concept is? Can it work? Remember that just a couple of years ago, Gartner called BYOD, which I covered here in 2010.

Are your users the future of cybersecurity?

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , ,
| October 18, 2012
Comments Off on Do One Thing at a Time

Do One Thing at a Time

Do One Thing at a Time at workTony Schwartz asks in a recent post The Magic of Doing One Thing at a Time at Harvard Business Review, why is it that between 25 and 50 percent of people report feeling overwhelmed or burned out at work? The author suggests that it’s not just the number of hours we’re working. He says we spend too many continuous hours juggling too many things at the same time.

Wherever we go, our work follows usIn the article he argues that we’ve lost stopping points, finish lines and boundaries. Mr. Schwartz believes that technology has blurred them beyond recognition. Wherever we go, our work follows us, on our digital devices, ever insistent and intrusive. It’s like an itch we can’t resist scratching, even though scratching invariably makes it worse.

Not Helping

Mr. Schwartz points out that “time savers” don’t save time. He argues that answering emails during conference calls; eating lunch at your desk or make calling or sending texts while driving are not helping you be more productive.

sending texts while driving are not helping you be more productive.The biggest cost, assuming you don’t crash, is to your productivity. You productivity crashes because you are splitting your attention. You are partly engaged in multiple activities but rarely fully engaged in any one. The author explains this impacts your productivity when you switch away from a primary task to do something else. By switching between tasks you’re increasing the time it takes to finish that task by 25%.

The HBR article warns that if you’re always doing something, you’re relentlessly burning down your available reservoir of energy over the course of every day, so you have less available with every passing hour.

Increase focus at work

Mr. Schwartz suggests three policies for managers to increase focus:

Maintain meeting discipline1. Maintain meeting discipline. Schedule meetings for 45 minutes, and not an hour or longer, so participants can stay focused, take time afterward to reflect on what’s been discussed, and recover before the next obligation. Start all meetings at a precise time, end at a precise time, and insist that all digital devices be turned off throughout the meeting.

2. Stop demanding or expecting instant responsiveness at every moment of the day. It forces your people into reactive mode, fractures their attention, and makes it difficult for them to sustain attention on their priorities. Let them turn off their email at certain times. If it’s urgent, you can call them — but that won’t happen very often.

Encourage renewal3. Encourage renewal. Create at least one time during the day when you urge your people to stop working and take a break. Offer a mid afternoon class in yoga, or meditation, organize a group walk or workout, or consider creating a renewal room where people can relax, or take a nap.

Steps to take

The blog says that people have to set their own boundaries:

1. Do the most important thing first in the morning, preferably without interruption, for 60 to 90 minutes, with a clear start and stop time. If possible, work in a private space during this period, or with sound-reducing earphones. Finally, resist every impulse to distraction, knowing that you have a designated stopping point. The more absorbed you can get, the more productive you’ll be. When you’re done, take at least a few minutes to renew.

scheduled times to think2. Establish regular, scheduled times to think more long-term, creatively, or strategically. If you don’t, you’ll constantly succumb to the tyranny of the urgent. Also, find a different environment to do this activity — preferably one that’s relaxed and conducive to open-ended thinking.

3. Take real and regular vacations. Real means that when you’re off, you’re truly disconnecting from work. Regular means several times a year if possible, even if some are only two or three days added to a weekend. The research strongly suggests that you’ll be far healthier if you take all of your vacation time, and more productive overall.

Stop multitaskingA single principle lies at the heart of all these suggestions. The author concludes that when you’re engaged at work, fully engage, for defined periods of time. When you’re renewing, truly renew. Stop living your life in the gray zone.

rb-

My personal experience reinforces the authors conclusions. My experience has been that I was able to get 2x the work done on a single telecommute day, than when I am at the office. Now that I have to be on-site everyday, my work output has decreased because I can’t work without interruption for any period of time.

I have found that you can’t focus on anything when you’re moving 90 mph and you can’t stop to take a breath. Maybe someday I will get an office and see the magic of doing one thing at a time.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow him at LinkedInFacebook and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , ,
| December 6, 2011
One comment

How to Use the Last 5 Minutes of Your Work Day

How to Use the Last Five Minutes of Your Work DayPeter Bregman a strategic advisor to CEOs and their leadership teams wrote in the Harvard Business Review that most of us get smarter as we get older. But somehow, despite that, we often make the same mistakes ay home and work. On the flip side, but no less comforting, we often do many things right and then fail to repeat them. He believes it’s because we rarely take the time to pause, breathe, and think about what’s working and what’s not.

think about what's working and what's notMr. Breman says that people should look at their past behavior, figure out what worked, and repeat it while admitting honestly what didn’t and change it. He theorizes that if a person can do that well, everything else takes care of itself. That’s how people become life-long learners.

Five minutes to become a life-long learner

The article says it only takes about five minutes to become a life-long learner. Life-long learners take a brief pause at the end of the day to consider what worked and what didn’t.

before leaving the officeMr. Bregman proposes that every day, before leaving the office, save a few minutes to think about what just happened. Look at your calendar and compare what actually happened, the meetings you attended, the work you got done, the conversations you had, the people with whom you interacted, even the breaks you took, with your plan for what you wanted to have happened. Then ask yourself three sets of questions:

  • How did the day go? What success did I experience? What challenges did I endure?
  • What did I learn today? About myself? About others? What do I plan to do — differently or the same — tomorrow?
  • Who did I interact with? Anyone, I need to update? Thank? Ask a question? Share feedback?

Maintaining and growing relationships

This last set of questions is invaluable in terms of maintaining and growing relationships. It takes just a few short minutes to shoot off an email — or three — to share your appreciation for a kindness someone extended, to ask someone a question, or to keep someone in the loop on a project.

If we don’t pause to think about it, we are apt to overlook these kinds of communications. And we often do. But in a world where we depend on others to achieve anything in life, they are essential.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , ,
  Recent Entries »