Giving some thought to the changing information security policies that are needed to cope with the increasingly collaborative-based tools that are emerging in the cloud era, and it got me wondering… if the telephone were to be invented today, would it pass muster with one of the more officious information security departments?
Imagine the conversation:
Potential Telephone User: “I'd like to get one of these new telephones, please.”
InfoSec Team: “Hmm. We'll need to have a think about that.”
PTU: “I really need it. All of my clients are using them, and I need to be able to talk to them. I have to have a phone number!”
IST: “You want to disclose your identity to others outside of the organisation? I don't think so!”
PTU: “You what?”
IST: “And have you thought about the implications of having no password on the phone. Anybody could be picking it up and communicating with your callers.”
PTU: “They'll probably just take a message on a post it for me.”
IST: “Post Its? Information left out in the open with personal information on it? Are you crazy?!?!”
PTU: “Sod it. I'll buy a mobile.”
mmitII 