• United States



by Richard Hunter

Enterprises and Employees: The Growth of Distrust

Feb 11, 20052 mins
CSO and CISOData and Information Security

Enterprises are watching employees and employees are watching employers with increasing unease on both sides. In our global economy with its fluid workforce, in which longstanding relationships of trust are difficult to establish and maintain, the temptation for businesses is clear: monitor every employee, all the time.

Employees are feeding the distrust. Many enterprises live with the lost-time cost of widespread employee abuse of e-mail and Internet access. But it’s much worse than that. Gartner estimates that more than 70 percent of unauthorized access to information systems is committed by employees, as are more than 95 percent of intrusions that result in significant financial losses. Add to that the mind-boggling potential for carefully planned crimes of mass destruction and you can see the temptation to impose rigid security measures.

“Seventy percent of unauthorized access to information systems is committed by employees.”

How are enterprises reacting? Gartner estimates that average enterprise spending on security worldwide will increase by a factor of two to three within the next few years, and by a factor of 10 by the end of the decade. As usual where technology is concerned, most of that money will be spent on smart people, policies, processes, and procedures.

The unfortunate result of “clamping down” is more friction, the drag that distrust puts on relationships. Power and control work from the top down; productivity and creativity work from the bottom up. As top-down control exerts itself to a greater extent, there is a rupture of trust and a corresponding decline in creativity and productivity. Having your emails read or being watched by security cameras tends to naturally deflate one’s sense of company loyalty.

What top managers of enterprises need to find is a balance between security that can protect their businesses and free communication that can stimulate growth. Success depends on it. They need to think about that balance in terms of what Gartner research calls the “Resilient Virtual Organization” in which security is the ability to survive and prevail, not just hunker down and resist intrusion.