Channels ▼


In Depth: Is Centralized IT Killing Tech Innovation?

Construction company Barton Malow takes the hard-line approach, using proxy servers to give employees access only to sites deemed business-relevant. It works with business units to add sites to the list or give limited access if there's a business need. The company controls access to Web apps through ports in its firewall. "It's not perfect, but it is very effective," CIO Phil Go says.

The Bottom Line
For many IT managers, talk of expanding access to Web apps or giving employees more control begins and ends with security.

With the increased revelations of system breaches and vulnerabilities, and warnings about all manner of other misconduct employees are capable of, it's no wonder that business technologists are paranoid. "We've found things like active prostitution rings being run out of organizations," says John Amaral, VP of research and development at content monitoring and filtering company Vericept. "We've found corporate espionage, people falsifying claims of sexual harassment."

But security concerns can become a crutch for IT teams, Gartner's Smith says. "If they put policies in place and make it so that people go around them, they end up opening up bigger security holes," he says. For instance, severely limiting E-mail storage can encourage employees to use a free service like Google's Gmail, putting sensitive information at risk. Better to just give employees the E-mail storage they need.

Overbearing security can hurt productivity. The software developer cited earlier relates how the IT department's fear of malware has led to an over-the-top computer hygiene regimen that even shuts off a PC's audio, cutting him off from Web conferences and seminars. Then there's the matter of basic computer performance. "I don't mind the scans when I go to a Web site or the prolonged downloads," he says, "but when my cheap, underpowered computer at home kicks butt on my work computer, there is something wrong."

ProBusiness Services, a division of payroll services company Automatic Data Processing, gives considerable flexibility to its tech pros at least. Senior network engineer Bob Pierce uses lots of open source security tools, such as Nessus and LaBrea, not sanctioned by the IT shop. "I kinda come from the Wild West, so I definitely would push back against any policy that prevented me from downloading software that I needed to do my job," Pierce says. "Almost everything I use is not supported by the organization."

That doesn't mean companies should give employees carte blanche, Pierce says. Anything imported must be run through security checks to ensure that they don't contain viruses or spyware. Any output from the unauthorized software must be compatible with corporate software standards--spreadsheets that produce Excel files, for instance. And don't expect the help desk to support the unauthorized stuff. "But having a blanket policy that says you may only run our standard applications is awfully shortsighted," Pierce says. "People work and learn in different ways, and having some arbitrary decision made isn't a very realistic perspective on productivity."

The pressure isn't going to let up on central IT teams, whether it's from people like Pierce on the inside or from an outsider like Bennett Haselton. Haselton, a programmer, runs, a site that helps Internet users figure out how to bypass filtering software. Some sites, like Boing Boing, offer tips on their site for how to foil business's Web filters. "I've always thought if your employer needs to censor your Web access to keep you productive, then your workplace rewards must not be very performance-based," Haselton says.

Employers are limiting the use of unauthorized technology, often for the sake of safety. The question is whether IT's caution creates too much drag. The challenge ahead for IT organizations is to strike the right balance --and to maintain that balance as the ground shifts.

Related Reading

More Insights

Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.