Policy Compliance Tools Aren’t Perfect

Policy and regulatory compliance tools are outbound email filters that attempt to stop users from violating organizational policies or regulations. An example of such a policy is: "Only people in the PR Team group are allowed to email press releases to people outside the company."

Policy compliance tools are useful for saving users from making silly mistakes, but not so good at preventing deliberate violations. If your competitor tries to steal your PR plans by planting a mole, no policy compliance tool could conceivably prevent them from stealing next week's draft press release. Although it might frustrate their attempts to email the draft, it won't prevent the use of other media such as flash drives, CD-Rs, or the good old printed page.

Beware of relying too heavily on technological solutions to problems. Don't neglect the more obvious strategies, such as vetting contractors and keeping sensitive data under lock and key.

... Richi Jennings

One Trackback

  1. By Computerworld Blogs on April 25, 2006 at 6:27 AM

    Sun bids Scott buh-bye (and USAF foam fun)

    Did you hear that? Sounded like IT Blogwatch, in which Scott McNealy presses the eject button. Not to mention filling an Air Force hangar with bubbles…

Post a comment

You must be logged in to post a comment. To comment, first join our community.