Comment: A new generation will demand a change in the role of security

Work and non-work boundaries are rapidly becoming not just blurred, but totally nonexistent
Work and non-work boundaries are rapidly becoming not just blurred, but totally nonexistent
Martin Blackhurst, Redstone Managed Solutions
Martin Blackhurst, Redstone Managed Solutions

Look at the average 20-year-old today and you will see insights into the future operation of business. Consciousness about how, where and when to communicate and access information will be replaced by a mindset that demands to do so without thinking, regardless of location, with whatever tools are at their disposal. Business life will operate largely from a smart phone, notebook or thin client, not a PC and desk in the traditional sense. The tools of the trade will be social networking sites, online meeting places, text and IM, as much as email and phone.

In just three years’ time, current university entrants will be approaching their mid-20s and already be established in the UK workforce. They will be the young driving force in organisations, keen put their stamp on the way things are done, inducing a radical switch in the way we do business. These changes will affect means of communication, networking and collaboration, both inside and outside work.

Work and non-work boundaries will become not just blurred, but totally nonexistent. With home working and mobile business already prevalent, work patterns will flex beyond known capabilities. New mindsets in the workplace will be required to deal with the information addiction that our newest employees demand. Productivity, to them, will be based on doing what’s needed, when it’s needed, at any point during the day.

So why does all of this matter? Because these changes will mean a radically altered view of the role of information security within organisations. They will trigger a necessary change in mindset and approach to securing an organisation for success.

The origins of information security date back to a time in the not-so-distant past, but when organisations were vastly different to what they will be in just three years. The threats are changing, but so is the role of security. It’s no longer just about protection and locking up your data. It’s going to be about letting data flow as freely as is securely possible to achieve the best economic returns for an organisation.

To manage this change, organisations must evolve their IT security strategy away from excessive security, or ‘lock down’ that will stifle innovation and productivity. Insufficient security may make the level of risk outweigh the potential benefits of more open exploration of ideas and information freedom, but optimal security will enable personal preference, freedom and flexibility in a secure manner.

Information security will have the power to be more than just an insurance policy. With the controls set correctly, security will be the new rudder that steers organisations towards increased success while simultaneously achieving business goals.

Checklist for achieving optimal IT security – recommendations by Redstone Managed Solutions
  1. Corporate information security must never be on default full volume; it must initially start at an acceptable level and be increased to the maximum point necessary
  2. If your staff morale and performance is affected more by security breaches than it is by lack of information access, then your security measures are too relaxed
  3. If the inverse of No. 2 is true, then your security measures are too stringent
  4. A lesson in trust can be equally, if not more, beneficial to your workforce than a security monitoring system
  5. It’s not tomorrow’s modes of communication that are insecure, it is the people who do not understand them well enough
  6. Security is there to serve the business; business is not there to serve security
  7. Active data, irrespective of how or where it is accessed is the critical corporate asset. It must be monitored, but managed
  8. In no uncertain terms should organisations reduce or forget security, they should however, review its value regularly

Martin Blackhurst is the head of IT security at Redstone Managed Solutions where he is responsible for product management in IT security and IT solutions across the company. He joined Redstone Plc through the Tolerant Systems acquisition, having been Tolerant’s technical director for over six years.

Blackhurst has over 25 years of experience in the IT industry, including a position at Perot Systems for six years. Prior to this he spent four years as a senior systems engineer within ComputerGroup/SHL Systemhouse as an IBM RS/6000 and NetWare specialist.

What’s hot on Infosecurity Magazine?