A long time ago in an office far, far away, I sat in on a meeting to decide how many of our office computers we’d connect to the Web – if any. It was 1993, the first Web browsers were emerging, and we were just beginning to grasp how fun, entertaining and distracting the Web would be once it started to grow. “Heck, we may have to keep people away from this,” we thought.
A year later, of course, we were all hooked up and surfing like mad. Today, things haven’t changed much as most of us are connected one way or another for the majority of the average day. What has changed though is employees Web activities are now being monitored.
I smiled recently when PC World magazine cheekily ran two related stories at the same time: “How to Monitor Your Employees’ PCs Without Going Too Far” and “Stop Your Boss from Spying on You.”
Today more than three-quarters of U.S. companies monitor their employee’s Internet use, according to the first article. I agree that they should. First, workers are paid to work, not to shop or play games. Second, the potential liability from an employee’s bad behavior online while at work is truly scary. Third, who knows what kinds of proprietary data might leak out from computers polluted with spyware and viruses?
So it’s the job of IT to make sure upper management creates a policy on what to block and enforce this policy. In large organizations, sweeping brute force measures are sometimes needed, and the blowback can be time-consuming (“but I need to see YouTube because it’s part of my job”). What is most important is that the executives at the top tell employees they’re being watched and tell them why. Full disclosure prevents future surprises and/or conflicts. Monitoring also gives IT the chance to generate reports on who’s surfing where and lets you swat down any behavioral problems the moment they start to flare up. This is actually good management and far better than after-the-fact “gotcha” stings or passive-aggressive hinting. So yes, let’s lock down and button up.
Security, security, security. It’s really no surprise that I keep finding myself writing about security issues. No matter where I look for hot trends in IT, the subject just keeps coming up. Just last week, David Foote, CEO and co-founder of Foote Partners, an industry analyst who tracks IT job trends, said in an interview that security is “the blessing and curse of technology. It’s a slam dunk to work in security.” In 2007, spending on security was 7.2 percent of the IT budget, he noted. Yet by 2010, it had increased to 13.5 percent.
A hot specialty? Almost 20 percent of all the current listings at Dice have the word “security” in them somewhere. That’s more than 14,000 jobs and that’s why anyone navigating a career path through the world of IT should be at least somewhat well-versed on security issues. From the biggest mainframe to the smallest smartphone, and along every wired and wireless connection that ties us all together, security issues kick in. (And in government IT jobs, by the way, it’s an obsession.) Come to think of it, no matter what you do in IT you probably have a way to spin your experience as security-related in one way or another. Here’s an experiment. How would you write a couple of resume lines about your experience if you were giving it a security-related flavor? I bet you can do it. I know you should try.