IT | Security

Consumerization and IT

By: Absolute Team | 9/22/2010

Bruce Schneier and Marcus Ranum recently put together a point / counterpoint essay asking "Should enterprises give in to IT consumerization at the expense of security?" It's a great essay, which can be read by following the links above.

Bruce's conclusion was:

"Security is always a tradeoff, and security decisions are often made for non-security reasons. In this case, the right decision is to sacrifice security for convenience and flexibility. Corporations want their employees to be able to work from anywhere, and they're going to have loosened control over the tools they allow in order to get it."

While Marcus' conclusion was a bit more long-winded, but he ends with this:

"Corporate IT's attitude toward security seems to be "Now that we've finished trying to do something smart, let's do something really stupid!" Except that, a lot of the time, we leave out the first part."

What do you think? Are we making data leakage easier by allowing for consumer IT products to be used for office work?