This week we discuss the need for security. It should go unsaid with the number of reported cyber attacks in the news today. That there is a definite need for security yet I hear nearly every day someone–not always the same person–complaining about: logging into a machine to see a setting, the timer timeout time for automatic logout, no access for a setting, or we need to run a machine outside of normal parameters. Sure, you might have legitimate reasons for needing less security. However, those reasons rarely consider the business reason for needing more security. Its main argument is always a convenience.
There is a business need for using security. It keeps an organization’s intellectual property safe. It keeps employee personal information safe, and it keeps customer information safe. Without security, it becomes very difficult to keep the confidence of the stakeholders, and the business could fail.
Another common thing I hear is, “we don’t have anything important to protect.” You might think so but do you think the CEO or your manager has the same opinion about losing information. You might think it would be easy to reproduce, but what about the lost person-hours spent recreating that lost information. What is the opportunity missed because you didn’t work on something new?