IT Security – Protection Vs Convenience

People and businesses today depend and are taking advantage of digital conveniences. The benefits are obvious, and they are alluring: Increase in productivity, cost/time savings and above all immediate gratification. Without the convenience, computers and IT wouldn’t be here to stay. These technology miracles make living our lives and doing business a pleasurable experience, but are we taking things for granted? do we have to draw the line? How do we make sure our private lives stay private, and our data stays secure?

Security and protection is this line we all should draw at some point, if being conscious about the perils tagged along the conveniences. For IT, specially if it is for a company, a digital compromise would mean an arm and a leg or perhaps the life.

However, implementing security is always a compromise. Are we ready to ditch smartphone and pick a key-pad phone, or switch to facsimile instead of email for business communication?

The most protected house would be one without any doors or windows. No robber would dare to break in through a wall, so everything within would be safe. What is painfully obvious is the inconvenience for the owners. They can choose to have one door, which make it accessible for the owners keeping one secure point of entry/exit, but does it make convenient? Probably still not. Building a normal house with all door and windows, having quality locks and a dependable security system in place together with a video surveillance would give all conveniences of a house while securing its belongings. Above and beyond, owner can adhere good practices such as checking all doors and windows before going to sleep, not to hide keys in obvious places (under rugs and pots) and only entertain strangers in the front garden but not within the house etc.

Even with all precautions and systems in place, burglary still happens, a well-motivated thief can always find a way to break-in. Having secondary measures such as keeping valuables in a safe or bank, and obtaining a suitable insurance against such an event would minimize the damage.

Reading carefully, you will realize how close above analogy is applicable to IT, whether it’s personal or corporate. Implementing a stupidly restrictive IT security policy can easily protect systems and data while frustrating the staff and making them inefficient, defeating the purpose. Whereas a well-thought-out IT security policy (systems, processes and procedures) would help achieving the efficiency with convenience by reducing the risk in IT vulnerability.

Striking a balance is hard, but would eventually give the freedom and peace of mind we all seek with the technology advancements.