Consumerized IT can make security people nervous. Giving users more control over the services they consume, after all, seems inherently unsafe. Business people, on the other hand, have concerns about speed. They want immediate access to the IT services they need to do their jobs. Many assume that these twin concerns of speed and safety conflict with each other. They believe that the faster IT moves, the less secure it becomes—and that conversely, making IT safer intrinsically makes it slower.
At RES Software, we don’t think you can afford to be either slow or unsafe. In fact, when it comes to the consumerization of IT, we’ve found that speed and security actually complement each other.
Slow is Dangerous
The world moves faster than ever. So when a company onboards a new employee—or an existing employee’s responsibilities change—it’s important to provide that employee with the right IT services and resources immediately.
People are also less patient than ever—especially when it comes to technology. If a web page or a mobile app doesn’t load in seconds, we abandon it.
That’s why employees will go elsewhere if they can’t get the technology they want when they want it from their companies. We can bemoan this fact. We can try to institute polices against it. But we can’t change the reality. Insufficiently responsive, inadequately consumerized IT therefore creates two dangers.
- The first is the loss of productivity and opportunity that results when people are inadequately equipped to do their jobs
- The second is “dropboxification”—i.e. the erosion of security, compliance and governance that results from the workarounds that impatient, highly motivated people adopt when faced with delays and obstacles.
Simply put, slow IT is unsafe IT—because it incentivizes bad decisions. Attempting to stop those bad decisions through control and mandates is an iffy proposition. The best way to stop people from doing what you don’t want them to do is to make it easier for them to do what you do want them to do.
Automated is Fast and Safe
Now here’s the good news. The automation required for fast, responsive consumerization improves security—rather than undermines it. That’s because rules-based automation empowers the business and IT to collaboratively define what constitutes legitimate use and what does not. By continually refining those rules, business and IT can work together to both ensure that non-legitimate access is disallowed and that legitimate use is accelerated.
Ad hoc manual provisioning, in stark contrast, is both slow and error-prone. Worse yet, ad hoc processes are poor at de-provisioning. The failure to de-provision services for users who leave the company or take new positions is one of the biggest security/compliance risks that companies face.
So if you’ve been operating under the assumption that you have to negotiate a trade-off between consumerization speed and consumerization safety, I invite you to think again. They actually complement each other—especially if you’re an RES Software customer.