It would be good to think that I spend all my time defining strategy, sending out edicts,and generally pontificating. Fact is more often than not I become embroiled in issues that are fairly mundane. However, let’s not underestimate the importance – they might appear to be mundane but fact is that at the other side of the email or telephone call is a person trying to get a job done. An important point to make is that there is frequently more credibitility to be gained within the business by ensuring that the trivial tactical issues are dealt with than through defining grand new schemes.
Today there were a couple such issues. First up was an issue around the policy set for the length of time before an individual’s BlackBerry device will automatically lock and thus requiring a password to be entered before it can be used. The policy is fairly strict and there have been complaints. I’ve relented to some degree and agreed that the time period can be extended by a modest amount. It appears that others of you have been dealing with a similar issue. For instance here on the BlackBerry forum where it seems individuals are setting policies ranging anywhere from 2 minutes to an hour.
We shouldn’t become flippant about the risk. It’s easy to shrug it off and presume that no-one would be interested in reading the emails or that we’re protected because the devices can be remotely wiped. We should make no such presumptions. The fact is that if somebody can get hold of your BlackBerry, unlocked, then that person can, for all intents and purposes, become you.
I enjoy dealing with day to day issues such as this although the outcomes are not always positive from an end-user perspective – they can easily be left feeling that security is putting a block on their ability to work. What I try to do is ensure that the reasons for a particular policy are clearly communicated and if there is a good reason for preventing a particular action it’s always good to have an alternative solution to present. Never say no, put a price on yes!