Protecting information in a changing world

HomeBlogsProtecting information in a changing world

Is technology getting harder rather than easier to use?

Technology is, without a doubt, becoming increasingly complex and fragmented. Cloud services are competing with in-house systems, staff are using their own devices for work purposes, and different business areas are spending their own budgets on technology without necessarily informing the IT manager.

Undoubted benefits come from adopting new technologies and working practices. Staff are more accessible, productivity increases and the business can become more agile. Alongside such advantages however, the downside can be that IT loses a level of control, potentially compromising security and making service levels harder to assure.

Knowing how to strike a balance between benefits and risks can be quite daunting. Some businesses try to prevent use of external services, restrict use of personal devices or add layers of budgetary control. Others find themselves heading in the other direction: being unable to adopt a manage-everything approach, the risk is ending up with a situation in which anything goes.

Most organisations lie somewhere in between, with IT managers attempting to keep existing technology going while expressing concern at non-jurisdictional IT activity. The concern is valid, not only given the potential for issues but also because it will undoubtedly be the IT department that carries the can if something goes wrong.

Organisations should respond by putting information first.

So, is there a better way?

Rather than trying to do everything, best practice suggests focusing on the core information assets at the heart of every business. Different information types require different levels of protection, depending on how important they are and the risks they face. For example:

  • A manufacturer’s discounted price list may be a simple spreadsheet, but its publication would be of major consequence.
  • Salary data, unaudited financial information or sales data all need to be kept to certain groups or individuals within the company.

Putting the information first helps the business decide whether information assets are important enough to require centralised management, protection and support – that’s what the IT department is for. By agreeing with the business who should have access to what, the IT Manager then gains a firm foundation to define how such assets need to be protected.

All sides stand to gain from this approach. The IT department can focus on delivering business-critical information in the best way, while business departments are better able to make decisions about device types or web site designs, without increasing business risk.

Of course this still suggests a shift from IT having exclusive control over technology – but this shift is happening, whether the IT manager likes it or not. Better to work with the change, than be left behind.

A senior Japanese woman watercolors at home

Make Do

20 November 2013

Recent posts

Growth, innovation and cost-efficiency are 2022 priorities for IT leaders

After another unpredictable year, IT leaders and CIOs are looking ahead to next year and assessing how to ...
Continue Reading

Top Strategic Technology Trends for 2022

Top Strategic Technology Trends for 2022 Products & Services Home ❯ Blogs ❯ Protecting information in a changing ...
Continue Reading

The 12 achievements of sustainability

2021 really has felt like a landmark year for Environmental, Social and Governance (ESG). The Covid-19 pandemic drastically ...
Continue Reading