TalentedApps

We put the Talent in Applications

  • Authors

  • Blog Stats

    • 579,539 hits
  • Topics

  • Archives

  • Fistful of Talent Top Talent Management blogs
    Alltop, all the top stories

Dune, the Maginot Line, and Wikileaks

Posted by Mark Bennett on December 28, 2010


How comfortable are you with sharing data within your organization these days?

The news surrounding Wikileaks, especially the possibility of it extending to the corporate world, has put a chill into the notion of using technology to increase sharing and dissemination of data. It was, after all, efforts to improve sharing of information across various government agencies that enabled just one individual to access huge amounts of sensitive data that then ended up being made public.

What can be done?

Meet the Mentat

In Frank Herbert’s “Dune”, addressing the vulnerability of technology was taken to the extreme. Rather than trusting important information storage and calculations to machines that could be compromised*, human “mentats” were used. These were individuals trained to have superhuman cognitive and analytical abilities and basically removed the technology factor and its inherent weakness from the equation completely. But the value was still there; the need for it had not gone away.

Well, we can’t train mentats yet, so we’re stuck with computers, networks, etc. to provide the storage, analysis, and collaboration value we need to be competitive. But we’ve seen already just how vulnerable we are when these systems are compromised. We store so much information in these systems, both for the ability to recall it when we need it as well as to gain powerful insights through analysis of it. We also get huge value from collaboration technologies, but they can also make us susceptible.

So what to do? If we can’t eliminate the technology, should we instead look for that perfect technological solution?

Fighting the Last War

The Maginot Line was built after World War I, with the memory of the horrific casualty rates of trench warfare etched into strategists’ minds. The technology of rifles, machine guns, and artillery had reached peak lethality, so the mindset of “defensive” technologies took hold. What followed was intense research into creating an impenetrable defense to virtually “guarantee” that the enemy could not attack successfully. The technology was impressive, but ultimately ineffective, because the ways used to defeat it never came into the thinking of its design.

So it is that much of the mindset around information security is about trying to set up impenetrable defenses to “guarantee” the security of sensitive information. Well, just as the Maginot Line proved less than effective during the subsequent blitzkrieg warfare of World War II, so it is that current information (and airport, etc.) security measures and strategies frequently turn out to be not as effective as we would like. Instead, we see what seems to be a lot of “reactive” steps, such as forbidding removable media, backscatter x-ray, etc. put into place after the proverbial horse had left the barn.

But this doesn’t mean technology has no part to play, either.

Technology + Mindset

So let’s bring a science fiction novel, a military misstep, and current events together. The point is that neither eliminating technology nor just depending on technology is the answer. We must instead constantly be questioning our mindset regarding information security and technology’s role in it. Whatever the technology, it is ultimately people, their thinking, and how they apply technology that determines the success of security, or the lack thereof.

————————————————————————-

*or worse, turn against their human masters (but that’s not an issue for us to concern ourselves with, yet.)

Dune cover via Wikipedia

Hochwald historic photo via Wikipedia

 

4 Responses to “Dune, the Maginot Line, and Wikileaks”

  1. Rod Fine said

    Mark, I agree with your conclusion. Technology can be used to help support people, good business practices etc; but it can rarely replace these things. It’s a long time (decades) since I read Dune, but technology has often been considered a solution to a number of problems posed by human storage mechanisms: performance (people forget), robustness (they die), security (they may be subject to bribery or other coercion) – so we’d be replacing one set of problems with another one.
    A particular interest of mine is scrambling of cloned live data for security and privacy. It’s a great example of where technology provides useful tools, but they should only ever be used in conjunction with good business practices. If you try to ensure your HCM professionals take their responsibilities seriously regarding the privacy of the people whose data they have access to, why would you not take the same steps with the people you entrust with scrambled live data?

    • Excellent points, Rod, and thank you for sharing your insight and example. You’re right – ultimately someone is going to access the data and the security begins and ends there. I worry that in an attempt to limit the damage that can be done by one person, administrators will overdo the segmentation of systems and we’ll be right back to information silos and/or unwieldy information hierarchies.

  2. Mark, interesting post. At the end of the day there will never be a perfect solution because it is very dependant upon people. There will always be the need to balance information accessibility and availability with privacy and security concerns and the buck stops with the people who have access to the information. It becomes a matter of trust. Trust that the people with data access will be good citizens. Trust that people associate the correct security profiles with the data they create. Trust that your procedures for determining whether the person should have access has determined they fall into the category of a good citizen. You can monitor procedures and behaviour but short of a sci-fi solution like pre-crime, all the technology and procedures will ever be able to do is keep the data access to the people you trust to have it.

    • Well put, Brenda! I think your identification of trust as the key matter is exactly right. Trust is one of those squishy but unavoidable topics that make many people in the corporate world uncomfortable, right up there with Passion and Power. Like you said, it comes down to people and people are not as tidy and controllable as technology seems to be (unless, of course, you remove the humanity from people through fear and *distrust*).

      Note to readers: I’ve added Brenda’s blog ( http://enablealignment.blogspot.com/ ) to our blogroll, something I should have done a long time ago. You’ll find it very informative, entertaining, and well-written. Check it out!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: