Information Assurance and Web 2.0

Posted by Tom Fuller in Blindside project, Data breaches, Humanity nature and activity at September 19th, 2007

Two terms still nebulously defined, but impacting on each other in the present day.

Information Assurance: A strategic commitment on the part of an organisation to protect information while providing it to those entitled to receive it, managing risk and reducing it where possible (starter for 10 definition; feel free to improve). Reference point: (None available at this time)

Web 2.0: Low cost tools and applications intended for wide public use to improve communications and allow everyone to participate in a global discussion using the Internet. Reference points: Weblogs, wikis, social networking sites, instant messaging, Skype, memory sticks, P2P resource sharing, etc.

The two currently interact in an undeclared war between IT departments and resource users within organisations. The weapons of choice for IT departments are rigid rules and sanctions (e.g., no, you may not use Skype or instant messaging in the workspace; you may not send or receive emails of more than x MB, etc.), while the subversive user finds ways of getting around or breaking the rules, usually with the intent of being a more productive worker (and using some of the time saved to goof off a little).

The war is described here, at Tech Republic’s Sanity Check blog. It also links to a Wall Street Journal article that I have stumbled across frequently since its publication, “10 Things Your IT Department Won’t Tell You.”

Before we start discussing the information assurance implications of social networking and other Web 2.0 features, peace needs to break out between IT departments and the people working within organisations. There are serious issues regarding Web 2.0 tools, no question. But if you need to send a graphics-heavy file to someone and cannot do it with your company email, what are you going to do? If your organisation's network fails frequently and you are faced with idle time at your workstation, where are you going to go? If your organisation prohibits personal phone calls at work and you are far away from your loved ones, how will you stay in touch?

Rigid rules will trap IT departments more than they will constrain the behaviour of staff. Guidelines and workarounds will go further.

Hat tip (and many thanks) to Ian Bryant for forwarding the Sanity Check posting.


Contributors to the Blindside wiki and blog should note their input forms part of a collaborative resource that is Creative Commons (by-sa 2.5) licensed. We hope these resources will be reused and remixed in the public interest. You do not need to seek permission before you re-use our works, although we do require that users attribute Blindside as their source, and license the resulting work under the same terms.