This past summer I toured a large company’s “innovation center,” where they try new, risky things. “We don’t involve the legal or IT security departments in this stuff,” the tour guide said.
I wish I was surprised. And while I’m sure the tour guide thinks he isn’t missing much, it could be a missed opportunity.
Let me cue you in on a little secret: Good security professionals love technology and innovation. No, they love technology and innovation. Chances are, the first person in your organization to buy any new technology on the market–and I’m not just talking smartphones and tablets, but also smart thermostats and LED light bulbs–probably was someone in the security department.
Security pros tend to fall into one of two extremes. Some are paper pushers, but the ones who aren’t paper pushers probably are technologists. Rabid technologists. And even though a technologist/security pro will make you do some things you don’t want to do in your project, that’s also exactly the kind of mind you want to have involved in those projects as early as possible, because that type of person is going to contribute more than just security to the project. That person can be a resource to bounce ideas off of, or even to help with troubleshooting or design from time to time.
Ask your security person about his or her home network. If that person just has a computer, a router, and a modem, keep looking. But if they have an elaborate setup, or better yet, a skunkworks in the garage, it’s probably a good idea to get that person involved in your organization’s super-secret innovations. That person is going to be a fount of ideas, and even more importantly than that, will feed off the ideas the rest of the group is having.
The project will see several benefits. It will likely be more innovative, will probably finish on or ahead of schedule, and then, once it comes time to go live, there won’t be nearly as many delays due to security because someone from security was involved and likely headed off the biggest issues before they could become issues.