IT concession No. 8: Your company's deepest secrets are only a tweet away
Your employees are using social networks at work, whether they're allowed to or not. According to Palo Alto Networks' May 2011 Application Usage and Risk Report, Facebook and Twitter are in use at some 96 percent of organizations.
The problem? According to Panda Software's Social Media Risk Index (PDF)5, one-third of small to midsize businesses have succumbed to malware infections distributed via social networks, while nearly one out of four organizations lost sensitive data when employees spilled the beans online.
"The behavior of people using social media is like their behavior using email 10 years ago," says Rene Bonvanie, vice president of worldwide marketing for Palo Alto Networks. "With email, we've learned to never click on anything. But inside social media, people click on every tiny URL because they trust the sender. That's why botnets we successfully rebuffed five years ago are now coming back via social media. It's a big risk and we see it all the time."
Even organizations that use social media security solutions or data loss prevention tools can't keep Facebook fans or Twitter heads from spilling company secrets or other embarrassing facts to the world, says Sarah Carter, vice president of marketing for Actiance, a maker of Web 2.0 security tools.
"What's most important is education," says Carter. "Educate, re-educate, and educate again. Put technology-coaching solutions in place, where you can remind users of the risks regularly and remind them also of your company policy about visiting sites that are not relevant to business."
IT concession No. 9: Your users will never support themselves
It's the dream of every IT department. If they could only get those needy users off their backs they might get some actual work done. But despite investments in online knowledge bases and automated support solutions, the notion that organizations can ditch their help desks is still the stuff of science fiction, says Nathan McNeill, chief strategy officer for Bomgar, a maker of remote support appliances.
"IT can deflect a big chunk of common issues -- like password resets -- with self-service, but it will always be more cost-effective to have humans handle the one-off and more complex issues," he says. "Even if the technology miraculously works 100 percent of the time, users won't be able to figure it out 100 percent of the time. As long as technology keeps evolving, humans need to be around to evolve IT support."
Instead of self-service, organizations would do better to invest in remote assistance solutions, says Chris Stephenson, co-founder of management consulting firm Arryve.
"Many organizations build a database of questions and leverage workflows to help drive end-users to an online answer," he says. "In reality, end-users are more frustrated when they finally talk to a support person. The investment in self-help support would be much better replaced with remote assistance in many situations where the support staff can gain access to the user's computer immediately and solve the problem directly."
IT concession No. 10: You will never get the respect you deserve
Call it Rodney Dangerfield Syndrome: No matter how hard they work or how vital they are to an enterprise's very existence, IT pros shouldn't expect to get a lot of respect outside their own ranks.