As the CTO of the Sesame Workshop (Big Bird and Elmo are part of his user base), Noah Broadwater was one of the most popular speakers at IDG Enterprise’s recent Consumerization of IT in the Enterprise conference.
But it wasn’t just his duffel bag-packed with giveaways such as Grover dolls and Oscar the Grouch lunch boxes-that gave him such a natural advantage on stage. It was his frank advice to IT organizations scrambling to cope with the onslaught of consumer technologies, social media and mobility demands.
“Go talk to legal before you do anything,” Broadwater said. “Once you have legal on your side…you can embrace tons of new technologies.” He further urged IT groups to “stop treating users like idiots” in the realms of security and data protection.
“Users understand security better than you think. Explain to them what you’re doing and why,” he added. “IT is there to protect and to serve.”
That sentiment resonated deeply with me and reminded me of the concerns I’ve heard so many CIOs express in recent months. What’s the best way to serve the escalating demands of uber-mobile, consumer-IT-crazed businesses while still protecting the company’s data and intellectual property?
Our cover story in this issue (” How CIOs Can Learn to Catch Insider Crime”) explores another aspect of the protect-and-serve duties that are inherent in the CIO’s role: preventing and detecting insider crime. This is a tough subject to write about because few CIOs will speak on the record about it. Senior Editor Kim S. Nash found that basic technology safeguards are all too often missing in fraud cases. In more than 1,800 cases of insider financial crimes, she notes, “IT controls came in dead last” among the 11 methods of fraud detection identified by investigators.
As consumer technologies pour into the enterprise-and as unprecedented amounts of data are being accessed from mobile devices-now is the perfect time to raise these issues in your own company. (Go talk to legal.)
As we talked to various experts for this story, it became clear that no single executive or department can carry the full weight of anti-fraud activities. But the CIO emerges as a potentially powerful voice in making this everyone’s business.
Maryfran Johnson is the editor in chief of CIO Magazine & Events. Email her at mfjohnson@cio.com.