‘I want to use the latest online collaboration tool, what’s your advice on securing it’?
“When people start asking me proactively, that’s my measure of success.
That was how a conversation ended between me and the Head of Security at a FTSE100 company.
It started a little differently – ‘we can’t control our information, every day there’s new online collaboration tools being used by the business. Dropbox, Yammer, Slack, Asana, ZoHo, Vanilla…
…we’ve got a policy against it, and I’ve told the business about the consequences, but the problem’s getting worse.’
In confidence he shared his top concerns:
1 – Data breach – he was losing control of where company data sat
2 – Legislation breach – he didn’t know what type of company information was in the public domain
3 – Being the scapegoat – if a breach occurred, he’d get the blame
Summed up in one stat lay the root cause of my client’s problem. The conflict between being productive and being secure.
Most online collaboration tools provide secure encrypted versions. If the business makes a strategic decision to use them. Does their due diligence. And implements properly. Online collaboration tools add great value to the speed, productivity and innovation of business.
So, the challenge is not to stop their use. But how to get people to consider the security implications before hitting GET STARTED.
Getting people to consider security before pressing GET STARTED
Ever had one of those conversations where you start with one opinion, but by the end your opinion’s changed? Good conversations are a catalyst for change. Whilst they take a little longer than writing an edict, the return verses time invested is undisputable.
As a free resource we’ve pulled together the top 5 conversation starters we’ve used or witnessed others using. You can download it for free here. Here’s a flavour of what you’ll find.
This one comes courtesy of a colleague and friend of ours Mark Barmby, Head of Cyber at 3SDL. He uses it with senior clients:
The value-chain conversation starter…
Mark – As I understand it, your business depends on the speed and agility of your teams to develop product and get it to market before your competitors.
Board – That’s right; we need teams to take the initiative and be super-efficient.
Mark – What if the collaborative tools your teams are using to enhance their productivity introduce new security vulnerabilities into the business network?
Board – That’s high risk for us, but we really value the potential advantage these collaborative tools offer on speed and agility – how can you help?
Mark – Let’s look for an equilibrium; we could look to understanding the choices your employees make when selecting communication tools and run a campaign that helps them to grasp the security vulnerabilities around them, encourages them to take responsibility and provides them with streamlined IT support to make informed decisions.
Our guide includes conversation starters suitable for the employees, HR, internal comms and more.
Now it’s your turn – I like to hear ways you’ve started, or are planning to start, conversations with your business around their use of online collaboration tools. Share them below, and help others start conversations that generate awesome security behaviours in their business too.