It would be a good thing if the kind of IT thinking exemplified by Roger Grimes just went away. It's perfectly sensible to demand a secure compute environment, but that shouldn't come at the cost of preventing actual bill paying work. Here's Grimes:
As expected, I caught a lot of flak for last week’s column suggesting that one of the better, real security solutions an administrator could implement is to prevent unauthorized programs from executing on business-owned computers.
You think? The problem with this theory is that there are new classes of applications all the time. Take news aggregators, for instance. The marketing and product management types need to keep their fingers on the pulse of customer commentary. Sure, there are online apps they can use, but some will prefer desktop applications. Grimes' policy would just ban them outright. What about IM? Sure, there are corporate solutions, but those cost money. Is it a better use of IT's time to ban IM clients and spend real money on an "enterprise" solution?
Those are just a couple of examples. This kind of thinking tends to lead to truly anal, productivity killing IT behavior - like mandating a specific email client as the only one allowed. When your security policies mostly prevent value, you've gone too far. Grimes is a prime example of this:
IM is a good example of an app that users love but isn’t necessarily good for business. About a decade ago, IM began to appear in corporate environments, installed and used by end-users without IT or administration approving it. Heck, IM vendors went so far as to create firewall-evading install routines to ensure their IM products would intentionally circumvent IT-initiated firewall policies. IM has even been incorporated into a few corporate communication products.
But for the most part, it’s a complete waste of time for most businesses. Employees aren’t sending IMs to other employees and partners about business issues. It’s mostly a way for employees to conduct more private personal chats on company time without being seen connected to a telephone all the time.
Hey Roger - you're full of it. I use IM for business every day. It's how I stay in touch with the geographically distributed team I work with. Heck, I use IM for personal stuff once a week, at most. I use IRC for the same thing. The "non-work" stuff that happens on IM and IRC is equivalent to office chatter at the coffee machine. The paragraph above makes me wonder just how in touch with the real world of work Grimes is these days.