Security as an enabler of innovation
by Christos K. Dimitriadis - International VP of ISACA - Wednesday, 10 October 2012.
There are management processes that have to be in place to ensure the IT security of an organisation and some of these are being deployed to deal with the risks of BYOD. Employees like to feel they can bring in the devices and connect them to the network. Talking about Google, Douglas Merrill, one of their ex- chief information officers, said “studies show that employees can increase company returns when they have the freedom to innovate by trying new software and new workflows. However, those returns disappear when employees are made to feel that their activities are illicit.”

As an example of how companies can give workers freedom without compromising security, Merrill described his experience at Google. "Google's engineering culture was all about working the way you want to work," he said. Employees could use any operating system and work from any convenient location - the office, home, a coffee shop, or wherever. As a result, it was impractical to rely on traditional security solutions, such as installing antivirus software on each device employees used.

Instead, Merrill said, Google addressed security by building up its infrastructure. For example, the company put antivirus protection on its mail server, which is the main source of viruses that infect the network. They also watched their network traffic patterns for any unusual spikes. Merrill said that enterprises need to find new ways to accommodate employees, while also securing their systems. Trying to change behaviour, like asking employees to stop using instant messaging or Gmail, only stands to stifle innovation.

IT security departments need to be aware of what their employees are up to and what is actually happening on the network.


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Mon, Sep 1st