Monthly newsletter Weekly news roundup Breaking news notification    

IT security – the challenges and opportunities of cultural diversity and dispersed teams

Get free weekly news by e-mailPaul King, senior security adviser, Cisco Systems UK & Ireland

Introduction
If your company does business in other parts of the world, chances are high that many of your project teams will be working with people across different cultures and continents. According to the Economist Intelligence Unit, three of the key business trends for the next 15 years will be globalisation, atomisation (businesses fragmenting into smaller and more distributed operational units) and knowledge management. All three will have a significant impact on the structure, functioning and distribution of teams within and across businesses. As UK organisations become more global in their operations, their workforces will in turn have greater cultural diversity. Rather than muddying the waters, however, this phenomenon has the potential to transform our productivity.

Recent research from occupational psychologists Pearn Kandola has shown that while dispersed teams may take longer to reach the productivity levels of their mono-cultural counterparts, they will then go on to overtake them. It takes an average of 17 weeks to overcome the lack of trust created between multi-cultural teams due to ‘virtual silences’ – a failure to respond immediately to e-mail and voice messages – and a lack of face-to-face conversation. As multi-cultural and geographically dispersed teams become more commonplace, effective collaboration will become more important. The take up of technologies such as telepresence, [http://en.wikipedia.org/wiki/Telepresence ] instant messaging and video over IP will help to address many of these communication problems. However, with these new technologies – and indeed the very nature of collaboration itself – come new challenges to your IT security.

Security habits for a connected workforce
There’s no denying that these more ‘flexible’ working practices are entering the mainstream. For example, recent research from the Yankee Group showed that three quarters of small businesses endorse remote working. These organisations are set to reap considerable rewards as a result, but what about the possible risks? A survey of end users and IT managers commissioned by Cisco during the summer of 2006 turned up some alarming trends that organisations may need to take note of:

Perhaps the most worrying statistic to emerge from the research was the startling increase in security related helpdesk calls, reported by over 38 percent of respondents. The main problems cited were viruses, phishing and spyware. Although these threats are not new, the underlying issues that allow them to take root are a worry. The survey found that one in five employees allows friends and family to use their work computers for personal use – and one in four open e-mails they don’t recognise – potentially opening their system to attack. Put these two facts together and it’s not hard to see why security helpdesks are becoming swamped with calls from desperate employees.

Enabling the virtual team
Aside from the obvious inconvenience of employees being out of action due to infected computers, and an overworked IT helpdesk, British organisations need to be aware of the real cost of not having a security policy in place that can cope with our changing modes of communications and business practise. Two thirds of the IT decision makers questioned said they expected their security related IT investments to increase in the next year. However as any good business knows, throwing money at a problem is never the best solution, you need to find the root cause.

At the core of these survey findings is the fact that over half of IT professionals believed that their users did not think the IT department had a right to know how they were using their company hardware. This lack of trust is worrying, not only for reasons of IT security, but for the business as a whole. Imposing stricter access policies or monitoring user behaviour is clearly not the answer, as it just breeds more distrust and affects business harmony. So what is?

Technology, policy and training
IT security is not just about having the right firewall or anti-virus program in place – as even these would be useless against a phishing attack, for example. It is far better – and cheaper – to teach users how to act securely and responsibly when they are online, as well as establishing security policies that lay down the law.

Training needn’t necessarily involve lengthy ‘chalk and talk’ sessions – and formal training seminars may be counterproductive: security problems and attitudes to them differ from country to country, yet organisations need to encourage everyone to behave the same way. To this end, ‘games-based’ and interactive video tools are growing in their appeal – we take such an approach at Cisco, for example – and they are very effective at getting their message across to multi-cultural audiences.

It goes without saying, however, that any effective security policy relies on a solid ‘defence in depth’ strategy. So, regardless of whether employees are at their desks or on the road, the company is protected, without hindering a team’s productivity.

Conclusions
There is little doubt that the future will see more distributed and virtual teams, more advanced communications technology, and ever more elaborate security threats. In spite of this, organisations that don’t embrace the new world order will begin to lose out to more nimble competitors. Yet it would be irresponsible to these new ways of working without properly assessing the risks. A combination of technology and policies will help mitigate these risks – and give a real fillip to the virtual teamwork outlined above. Fostering greater collaboration whilst ensuring continued security will be the hallmark of tomorrow’s business success stories. Successful organisations will realise that security is an enabler of business, and should not be used as an inhibitor – it is the reason you can do business, not the excuse that you can’t.

http://www.cisco.com

Date: 31st May 2007• Region: UK/World •Type: Article •Topic: ISM
Rate this article or make a comment - click here




Copyright 2008 Portal Publishing LtdPrivacy policyContact usSite mapNavigation help