Over the past twenty-plus years that I’ve been working in the industry, the “personal computer” has gone from from obscurity to commonplace. Some of you may have been in the workforce long enough to remember when your organization first started using email, desktop publishing, and spreadsheets. At the time, everyone needed training, and often it was requirement before anyone was allowed to use or even requisition a computer. On top of this, they were very expensive, and justifying the ROI often meant they were only used for very specialized parts of the business. Today, having PCs in the workplace is taken for granted. Likewise, I’ve seen an increasing expectation that all employees know how to use a computer, and in some cases, a high level of proficiency is just assumed, regardless of training, background, experience or industry.
While it’s largely true that computers have become much easier to use than in decades previous, they have also become much more complex – both in functionality and in how intertwined they have become with modern life. Remember the “golden days” of automobiles where any red-blooded American could roll up their sleeves and work on their own cars? Nowadays even professional mechanics rely heavily on computers to figure out what’s wrong with your car. Most people were never even presented with the opportunity to “pop the hood” of their computers, and despite the prevalence of modern technology everywhere we look, only a miniscule percentage of us ever go beyond cracking the case of our computer to blow out the dust bunnies with canned air.
Why this is important to business owners and leaders:
Do you remember when being proficient in computers was considered “geeky” or “nerdy”? Now the opposite is true – we joke about folks that struggle with their smartphones and computers. The assumption that “everyone” knows how to use a computer can lead to other more dangerous assumptions about your organization’s security. In today’s technology security environment, humans remain the weakest link, and the bad guys know this.
Do you assume your employees know to not use work email for personal use?
When email was new to the workplace, this rule was strictly enforced, but times and workplace culture has changed. Now that everyone has email, computers and smartphones, enforcing this practice has often been de-emphasized in the pursuit of “work-life balance” or outright dismissed by companies attempting to shed “uptight” business culture roots. Unfortunately, co-mingling personal and business technology can result in significant security risks for both the business and the individual.
Do you assume your employees know what do when they get a virus infection?
Depending on your company’s culture, the employee might be too scared or ashamed to admit they’ve been compromised, even if you have an IT person or department ready and waiting to help them. An unreported security breach can lead to Sony-sized hacks on your organization.
Do you have a technology usage and/or security policy for your company? If yes, do your employees understand and adhere to this policy? How do you know?
The most dangerous assumption here is that making your employees sign an agreement acknowledging this policy equates to enforcement. Proficient technology use requires training, and using this same technology securely requires regular training and checks. Just like technology itself, the practices and office culture surrounding its use are constantly changing, and both the company policy and the employee’s knowledge should be updated regularly.
Image courtesy of pakorn at FreeDigitalPhotos.net