Reining in the Rogues
So how can firms stop the use of rogue technology? One defense is a technology security strategy. “We require rigid standardization so that everyone is running the same laptop with the same system image and the same software on it,” says Belanger. “Then we give users guidelines about installing additional software and modifying the system image.”
Those standards apply to any technology that employees use in the workplace, even when they use their own money. “We call it the ‘embrace the technology’ approach,” says Schreck. “If you want to buy a PDA, that’s OK, as long as it’s a PDA we’ve approved. The same is true with wireless access points. My group here wanted an access point, but before we deployed it we told IT. They said, ‘If you want to buy it, please set it up in a secure part of the network and, by the way, turn on these specific settings.’”
Of course, gentle guidance doesn’t always work. To detect the presence of rogue technology, Forrester is rolling out Cisco Systems’s new Security Agent system. Other companies are buying content-monitoring tools from vendors such as Vericept or network sniffing devices from companies such as AirMagnet. Installing a firewall on personal Wi-Fi-enabled laptops is also becoming de rigueur. And for those times when all else fails and a virus invades, CodeFab and partner Illuminex Inc. are at work on FireBreak, which employs a distributed, scalable network of “tar pits” and “sticky honeypots” that slow the intrusion until its source is found.
In short, IT is on the job. “IT usually is the first to get blamed for these problems, but the fact is that IT is doing all it can,” says Gold. “CFOs have to realize you can’t give people flat budgets and expect they can cope with new threats. The tools to close the borders have to come from somewhere.”
Russ Banham is a contributing editor of CFO.
The damage camera-phones cause in the workplace is only beginning to be recognized.
“If you’re Intel, do you want workers happily snapping pictures of their colleagues while in the background is the company’s secret new technology?” asks Meta Group’s Jack Gold. But managers often don’t look twice at camera-phones, thinking of them more as telephones, or perhaps E-mail devices.
New jamming devices, however, are being developed to counter the threat. Iceberg Systems, for instance, is beta-testing technology that would deactivate the imaging systems in camera-phones once they cross into specific locations. Meanwhile, some companies, such as Samsung, have recognized the danger, and reportedly banned the devices altogether. —R.B.