Computers are ubiquitous at work these days, especially for office work. And computer security is, understandably, among the concerns for management. Yet…
Here is a case for you: You are a lower-rank manager and are told to make sure your direct reports, all 40 of them, be security-conscientious and not leave their computers unlocked while away from their desks. What is your response, to yet more requirements and training sessions for everyone, including you? And what solutions would you recommend?
There is a currently available technology that a computer can use to detect whether the user is still sitting at the desk or standing at the workstation(some prefer standing while using their computers). Imagine if you just get up to stretch your legs a bit, or use the restroom, and you are shut out and have to log in again in another two minutes when you return. For those who have a private office, they could leave and just lock the office door. But most people work in cubicles these days.
Or, you can rely on the old technology, i.e. constantly remind people to lock the computer keyboard when they leave, even for just two minutes. How long did it take you to recognize the flaw in this approach? Yup, people forget from time to time…even if you give them a big poster to put above the computer.
Either of these strategies is by nature adaptive, tweaking the status quo a little to satisfy the latest demands, the situation on the ground, or to buy some time.
A permanent solution would be, for lack of better term, technical, actually altering the nature of the operation, and hopefully bringing some relief to the burden of requirements that people must remember. For instance, you can get fingerprint recognition in the mouse. But how useful is this particular type of mouse if you can only unlock the computer but not lock it?
Think about it (I actually did have to think hard on this): When you step away from your desk, you probably have a dozen items on your mind, and locking your computer is not a top priority. (If this were your organization, would you want this to be a top priority? Wouldn’t you rather your people were wrapping their minds around bigger problems?) When you come back to your station, you don’t need to be reminded to unlock the computer if it’s locked, you just have to remember how. The unlocking phase imposes much less distraction and stress on people and their organizations than the requirement to remember to lock – each time, every time. So, why not have the technology be commensurate with typical human behavior? Maybe teach the mouse to recognize the absence of recognized fingerprints, or design other more clever ways to lock the computer.
One could argue that it should take only a few minutes to learn to remember logging out or locking up. Really?? Remembering that a dozen times a day, adding these interruptions to the work flow or the creative flow, competing with remembering the 10 more points you need to make in the memo you’re drafting when you get back to your cubicle? When I write, I step away from my computer at least a couple of dozen times per article. If I had to log out and log in e-v-e-r-y single time, I would likely go through computers very quickly, and someone would find many computer carcasses in the dumpster.
Of course, I am not arguing against defending our national security or industry secrets. But remember the Third Law of the Thermodynamics? You cannot, ever, reach 100% safety and security without sacrificing 100% of everything else. And each additional measure, when implemented, will consume exponentially increasing amounts of energy. People will spend ever more of their precious time and mental bandwidth complying with the safety and security codes, and ever less to real productivity.
Now I understand the points made by one of my readers in his entry on “Whatever happened to modern thought?”
Till next time,
Staying Sane and Charging Ahead.
Direct Contact: firstname.lastname@example.org
copyright taso100 © 2010 – 2015 all rights reserved: no photos or content may be reproduced without prior written consent