Lock the Barn Door

Lately I've spent a lot of time thinking (and writing) about mobile workers. For the record, that's getting to be some of us all the time and all of us some of the time. (See Control's April cover story on this subject)  The efficiency and simple convenience of having access to information on your terms is hard to overlook. The technology is there to do it.

But one of the big stumbling blocks to taking advantage of mobile technology is security. If Stuxnet wasn't scary enough, stories like this one are often cause enough for managers of plants and IT departments to say, "Heck, no. No mobile access." According to the papers--can we call them that anymore since we're all reading them online so much of the time?-- some poor schmo at BP lost a laptop containing the personal information of 13,000 people suing for damages caused by the Deepwater Horizon spill. 

I'm not going to speculate on what karmic curse BP seems to operating under or what security measures they've taken to either retrieve or disable the missing laptop. The company is being pretty closed mouth about that, and I can't say that I blame it.

The point is, stuff like this happens with mobile devices. They get lost, stolen, left in pockets, in airport boarding lounges, on the seats in trains and buses or on restaurant tables. Heck, in our connected world, data can fall into the wrong hands even if it's on a big main-frame somewhere. Nick Denbow's article for Industrial Automation Insider on Chinese "market research" tactics are another Fair Warning. It's a brutally competitive world out there, and not all competitors "play nice." 

And yet, in spite of stories like these, security still seems to be an afterthought for many individuals and businesses. Right here in the comfort of my own living room, I can piggy-back onto at least three of my neighbors' wireless networks because they haven't bothered with the simplest kind of security. By the same token, many process operations are still thinking "security by obscurity" is going to save them without the hassle and expense of having a well thought-out, planned and enfoced security strategy.

Yes, good security costs money and time and effort. It's like the arms race--never over. The bad guys are always going to be trying to get at least a half a jump ahead, and you can never let down your guard. The demand for more and more mobile access to important company information isn't going to go away. Neither is the capability of determined folks to get information you don't want them to have.

Here's the point. In the 21st century, the information life blood of businesses of all kinds is in data on computers--many of them small enough to keep in a pocket. Businesses that will survive are the ones that have robust systems for keeping that data safe. Sure it's a hassle. It costs more than many of us would like. It means rethinking the way we do a lot of processes. But it has to be done. You've got to lock the barn door. Now.


Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.


  • <p> Something that people often forget is that a modern spartphone such as an iPhone or Android is about as powerful a computer as a 10 year old laptop. In some ways it may be ore powerful. It is, unfortunately, common to see people, often ones in positions of control insist on having access to secure systems from their phones. That's fine as far as it goes but it also causes security issues becasue smartphones tend to travel with their owners and attach to totally unsecured Wifi networks as they do so. This means they can easily get infected and then, when the phone owner goes back to the office, the infection can now spread on the office wifi network. </p> <p> I have personally observed a (jailbroken) iphone in a US Defense contractor that was acting as an IRC server and attempting to call out to China. I doubt this is an isolated example. </p>


RSS feed for comments on this page | RSS feed for all comments