Workaround
Image by Werner Moser from Pixabay

Workaround

Happy Friday!

Welcome to this edition of “Workaround” (#240).

My maiden journey to the U.S. occurred just a couple of months after 9/11. Although I was aware of the horrific and tragic attacks, I wasn’t expecting an almost strip search at the immigration checkpoint. I experienced the deeper sentiments firsthand at the port of entry. It was the first time a passenger aircraft was used as a weapon rather than a bargaining tool (hijacking was the threat until that time), so I convinced myself that such high scrutiny was warranted.

A whole new federal agency was launched called the TSA (Transportation Security Administration) in November 2001 with the sole purpose of protecting the nation’s transportation systems. While everyone understood the need for its stringent procedures, over time some of these measures have become burdensome, and many workarounds have been introduced. Let me list a few.

As extremists cleverly plotted to use shoes as bombs, a rule emerged to have shoes and belts screened. Over time, exceptions were granted to frequent travelers through a workaround by paying a fee and registering themselves in programs like TSA Precheck.

When terrorists concocted liquid bombs disguised in bottles of sports drinks, this led to the ban on carrying any liquids through the security gate. Over time, the 3-1-1 rule was introduced, followed by the allowance to carry empty bottles through as a workaround.

Similar to the evolution of security processes and the workarounds in the physical safety of the transportation systems, an evolution has occurred in the digital safety of the cyber systems too.?

We have evolved from a simple password to access and safeguard a computer system to a plethora of tools and devices, from MFA’s to Firewalls to Encryption. There is always a tension between the teams releasing a piece of software and the teams safeguarding and upholding the safety and security of the enterprise systems. Here are a few workarounds that can ease this tension.

As a team releasing the software, spend the time to understand the intent and background behind each security measure that you are asked to adhere to. Then you can come up with a workaround, like TSA Precheck, by doing the requisite tests before hand and getting a clearance ahead of the release night.?

As a team upholding the security of enterprise system safety, understand that application teams do not have ill intent. More often than not, they are either unaware or pressed for time. Show patience and concern, guide them to the policy documents and establish a partnership model with a give and take.?

No matter what the security process is, it always requires more time and work but for a good reason. Just as we allow ourselves more time for TSA clearance, especially during busy travel days, allow yourself more time in your planning for security compliance.?

A popular infosec quote summarizes it well, “If you can’t afford security, you can’t afford a breach.”

Stay safe, Stay healthy and Stay blessed.?Thank you and have a safe weekend.

António Monteiro

IT Manager na Global Blue Portugal | Especialista em Tecnologia Digital e CRM

6 个月

Navigating the balance between innovation and security is tricky. Collaboration between teams can really drive success while ensuring safer tech solutions. What kind of workarounds have you seen that actually work?

回复
Mahipal Jain

Director - Consulting at Cognizant Business Consulting

6 个月

Because of ill-will of a few (actually just a handful), everyone has to pay a price... Thanks for your write-up, as always it makes a good read!

要查看或添加评论,请登录

Kiran Simhadri的更多文章

  • Colors

    Colors

    Happy Friday! Welcome to this edition of “Colors” (#266). Let’s start by thinking back to a time when you strolled…

    1 条评论
  • Women

    Women

    Happy Friday! Welcome to this edition of “Women” (#265). My elder sister grew up as the only girl among three siblings…

    1 条评论
  • AI – The Good, Bad, and Ugly

    AI – The Good, Bad, and Ugly

    Happy Friday! Welcome to this edition of “AI – The Good, Bad, and Ugly” (#264). My boss often jokes about AI replacing…

    10 条评论
  • Change

    Change

    Happy Friday! Welcome to this edition of “Change” (#263). Many of my colleagues, including myself, are going through…

    4 条评论
  • Anniversary

    Anniversary

    Happy Friday! Welcome to this edition of “Anniversary” (#262). Once upon a time, on a Thursday night, I sat in my hotel…

    4 条评论
  • SuperBowl

    SuperBowl

    Happy Friday! Welcome to this edition of “Super Bowl!” (#261) For those unfamiliar with American football, the Super…

    5 条评论
  • East and West!

    East and West!

    Happy Friday! Welcome to this edition of “East and West!” (#260) This week, my neighborhood has been alive with vibrant…

  • Strategic Alignment

    Strategic Alignment

    Happy Friday! Welcome to this edition of "Strategic Alignment" (#259). As we pick up pace in the new year and dive into…

    1 条评论
  • Identity

    Identity

    Happy Friday! Welcome to this edition of "Identity" (#258). This week, we had the pleasure of hosting a large group of…

  • Nuances

    Nuances

    Happy Friday! Welcome to this edition of "Nuances" (#257). Let me start with a recent personal experience: Have you…

    2 条评论

社区洞察

其他会员也浏览了