Monday, September 5, 2011

Eating our own dog food.

This is a common term used in business to describe a company using its own products, or in this case, following its own policies. After reading many articles lately about IT staff subverting their own policies, safeguards, and common sense to get work done a little faster or easier, I decided to throw in my two cents.

I remember many instances where, in a company, you would have system or network admins complaining about users gambling online, watching videos, or using too much bandwidth streaming music on their workstations, only to find out they were using LimeWire to download music and software to their workstations or, worse, the company's servers. Granted, this was a few years ago, when most IT staffs were small enough that you could probably get away with it. However, what has not changed is the fact that it is far too common for IT and security admins and techs alike to subvert the policies they are the ones entrusted to protect.

I, like many, understand what deadlines are like, and boy do I know how tempting it is to cut corners, using domain admin credentials all the time, as opposed to just when absolutely necessary, or using backdoors to get back in from home so I don't have to come in to reboot a server. I also know how easy it is to lambast the sales department for eating bandwidth, when I could just as easily be scrutinized for my internet usage when not swamped with tasks, should someone thoroughly check. However, we must remember that we are the ones they trust, we are the gatekeepers, we are held to a higher standard, and thus should strive to meet it.

Security is especially dangerous for temptation, but we must eat our own dog food: we must follow the policies that we know are correct, if occasionally inconvenient. If we don’t follow our own policies, not only do we face reprimand for our actions, but we risk derailing what we have worked to accomplish.

How eager will a company be to enforce additional security policies when it knows its own IT department does not follow the ones already in place? We have to set a higher standard for ourselves, because if we break the laws that we create, how can we expect anyone else to abide by them?
