Friend-LINK: <%=INSERTTEXT%>

September 22, 2000

Security for your company and your career

If you liked this Career-Op column, please consider a payment of $0.25 using PayPal.

Most computer security discussions today focus on the Internet, firewall systems, and anti-virus programs, but high-tech careerists will find that security goes far beyond that. Too often the weakest links in the security chain are the people who develop and use the technology.

Importance of security to your career

As a high-tech worker you must understand that computer security or the lack thereof can have a direct and dramatic effect on your career. Whether you are a manager or a staff member, allowing a cracker to break into your system could bring about your immediate termination. You could be fired for allowing the company’s competitors or the trade press access to confidential information. It matters little if the exposure was intentional or not or if you were directly involved. . A breakdown in security reflects on you even when it is perpetrated by another staff member. You need to do all you can to reinforce security at every opportunity. This doesn’t necessarily mean assigning randomly generated passwords, biometric security devices or better locks. Usually it means developing an understanding of what makes you and your high-tech peers tick.

Isn’t that neat?

The biggest security problem faced in today’s high-tech industries is the "WOW" factor. Every one likes to brag about the neat things they are doing on the job. Unfortunately, tipping your hand to the competition can lead to disastrous results. "First to market" is a buzzword that permeates the high-tech industry, especially in those companies focusing on the Internet. If another company can take your idea and get to market first you can kiss your venture capital, your company and your job good-bye.

You best defense against this sort of security risk actually involves more communication, not less. If you want to keep certain information secret you must give your workers and peers very clear instructions on what can and cannot be talked about outside the company. You may have to issue very detailed guidelines such as "you can X and Y about this project but never Z." You should also be very clear about why you are trying to keep this information secure. Explain the importance of the project to staff members and also the consequences should the information leak out.

Finally, you want to make sure that your staff has something they can talk about. Sometimes the urge to share your work can become overwhelming so it is better to have information that can be shared instead of trying to bottle up everything. Face it, most companies need not be as secure as the NSA or CIA. There should be a regular flow of information to staff members letting them know when they can reveal certain information about the company. Be sure to include high-tech staffers in product rollouts and press events. One of the best ways to keep staffers from talking ahead of time is to insure that they will get credit for their work once the project is completed. Too often the people who did the hard work are ignored as company executives take all the credit. Such behavior almost guarantees that staffers will take matters into their own hands and talk up their own involvement, possibly revealing information that should have been kept secret.

If you can’t say something nice...

While the leaking of information about new projects and products can harm your company, information about day-to-day operations can also give competitors an advantage. Often, you will see public messages from high-tech staffers bemoaning problems with a piece of hardware or software that is being used in their company. Although they certainly don’t intend it this way, they are broadcasting a weakness of their company to the world at large. You might want to avoid sending the message that your e-commerce program is failing every 5th order or that you can’t fulfill a commitment because your web server is acting flaky. Such information can be used directly against you and your company by competitors.

Sure, we all like to vent our spleen about a bad vendor or manufacturer, or even ask for help from others who might be experiencing the same problems, but you should ask yourself about the implications of what you are about to post publicly before hitting the send button.

Security, even in the high-tech world, goes far beyond passwords, keycodes and encryption. Unless you provide yourself, your employees and your peers with a basic understanding of what needs to be secure and why, you will suffer from information leaks that can cripple your company and your career.

about this column.

---

Previous Career-Op Columns

September 24, 1999 Career Planning

September 1998 Skills You Need

September 26, 1997 Peeves, Pitfalls and Pickles: Part 5

Douglas E. Welch is a freelance writer and computer consultant in Van Nuys, California. Readers can discuss career issues with other readers by joining the Career Opportunities Discussion on Douglas' web page at: http://www.welchwrite.com/dewelch/ce/

He can reached via email at douglas@welchwrite.com