Remote Workers, Costly Data Breach Notification, Being Too Nice at Work and More

This issue of Trendlines from the 11/15/08 Issue of CIO Magazine covers Remote Workers, Costly Data Breach Notification, Being Too Nice at Work and More

Remote Workers to IT: We Care About Security

Fear not IT and infosecurity personnel. Most remote workers, mobile users and road warriors toting around laptops and BlackBerrys have the business's best interests in mind when it comes to network security, according to a survey from mobility vendor Fiberlink.

Seventy percent of remote workers say they would rather get their work done on a secure network connection, even if it meant their assignment would be late. In addition, 96 percent say their IT department does a good job enabling mobility by supplying devices, providing network access and helping them stay connected when working remotely.

More love for IT: Almost 78 percent of respondents say their IT department has provided them with technology that lets them use their own PC while working remotely.

This is not to say that remote workers can't put their organizations at risk. Almost one in four have altered security settings or purposefully delayed security updates. Many have downloaded personal pictures and videos (43 percent) or software for their own use (31 percent) on their company laptops.

And 25 percent admit visiting inappropriate websites on their corporate laptops. Lastly, just how important has Internet connectivity become to remote workers? The survey found that 74 percent of mobile workers can't get their jobs done without the Internet.

In addition, almost two-thirds of those surveyed believe it would be easier to live without their car for a week than without the Internet.

-Thomas Wailgum

Avoiding Costly Data Breach Notifications

Privacy Organizations spend serious money dealing with data breach notifications—millions of dollars that could be better spent on improving security procedures or technology, according to Bart A. Lazar, a partner with the law firm of Seyfarth Shaw.

The CIO and the legal department can try and limit the risks associated with incident response while conserving resources, says Lazar. He offers five tips that shouldn't break the bank.

Encrypt personal information on laptops. It is expensive (approximately $50-$100 per laptop), but worth the cost. Also, the unauthorized access or disclosure of encrypted information does not trigger the sending of notices under most state database security laws. Just make sure that it is at least 128-bit encryption.

Replace or truncate social security numbers. If your business can substitute another number, you will create a fairly unique identifier that is difficult to use for identity theft purposes and should take you out of most state database security breach law scenarios.

Conduct due diligence on vendors. The CIO or an IT employee should interview the vendor's CIO or inspect the premises as part of awarding a contract.

Check the garbage. Several security enforcement proceedings were the result of thefts by cleaning contractors, or failure of a company to properly shred personal information.

Communicate policies to employees. Often, companies have good policies in place. The problem is that employees have not been asked to confirm that they have read and understood the policies or they are not trained on the policies.

-Bart A. Lazar

Economic Woes May Lower SaaS Prices

The ongoing global economic crisis may spark a pricing war in the SaaS (software-as-a-service) arena, according to a major vendor in the space.

At an investor conference last month, Salesforce.com Chief Financial Officer Graham Smith discussed the company's readiness to lower prices in order to remain competitive. "It won't surprise me if, going forward in these times, we see much more aggressive pricing. That's sort of typical," says Smith. "We are able to match pricing."

Smith indicated that Salesforce .com, known for its customer relationship management (CRM) software, is not about to run a closeout sale.

SaaS vendors typically cite a handful of advantages to the model such as no need to buy and maintain new hardware, faster deployment and easier upgrades. So while some price cutting may be at hand, such factors could also compel more customers to adopt SaaS, according to Forrester Research analyst Ray Wang.

But another observer believes Smith's prediction will be borne out in the market. "We were already predicting something of a battle on pricing given how aggressive Microsoft is being around Dynamics CRM Online. I guess the economic doom and gloom just lifts that," says 451 Group analyst China Martens. "I've yet to hear the same price-cutting story from other SaaS players name-checking the economy, but it's sure to come."

Beyond the world's economic woes, SaaS has now reached a certain level of maturity, and customers have had time to measure costs and their return on investment compared to on-premises software deployments, Martens says. (Read "What SaaS Means to the Future of the IT Department") Meanwhile, other on-demand vendors acknowledged that pricing could become an issue but, overall, painted themselves as being in a sound position to weather the rocky financial times.

-Chris Kanaracus

The Danger of Being Too Nice at Work

If you're a nice person, you probably think that being nice works to your advantage in the office. Right?

Not necessarily. What nice people may not realize is that being too nice can seriously stymie their career growth and success, says Russ Edelman, CEO of Corridor Consulting, and coauthor of Nice Guys Can Get the Corner Office: Eight Strategies for Winning in Business Without Being a Jerk. "The people in business who suffer from nice-guy syndrome are not achieving their true potential," he says.

The problem with nice, according to Edelman, is that you run the risk that people will take advantage of you.

Nice is not just a problem for individuals. It's a problem for businesses, too. Employees who are too nice cost their companies time and money. In a survey of 50 CEOs, Edelman asked about the impact of "being too nice" on their businesses. The CEOs said that, on average, being too nice has the potential to cost them eight percent of their gross revenues. In other words, they believed their companies could have earned more money by being more aggressive.

Edelman notes that managers who are too nice are reluctant to make decisions on their own. They fear confrontation or hurting the feelings of others, so they include everyone in their decision making. That wastes time and can lead to missed opportunities."If you appease everyone, if you fear hurting people's feelings, you do a disservice to whatever project you're working on, to yourself and your business," he says.

Softies need to toughen up, says Edelman. "I'm not advocating that people become jerks," he says. "But they need to find a balance to stay true to their nice nature while also being appropriately assertive and protecting their interests."

-Meridith Levinson

Copyright © 2008 IDG Communications, Inc.

Discover what your peers are reading. Sign up for our FREE email newsletters today!