Magazine article Computers in Libraries

A Different Spin on Security

Magazine article Computers in Libraries

A Different Spin on Security

Article excerpt

There are a lot of scary things to worry about when it comes to security. Threats from malicious hackers are all around. Some break in to steal information and others do it as acts of vandalism. Few are the "idealized" hackers who do it just to prove they can. Universities are facing the reality that they are providing the perfect environment for hackers to hone their skills. Students who, during high school, were limited by slow modems and scrutinizing parents then go to college and have access to unlimited bandwidth, and have no one telling them to turn out the lights and go to bed.

But if you do a search in Google on the word "security," do you know what entry pops up first? (I mean after the sponsored link to eBay.) National Security Agency? Nope, it's eighth. Homeland Security? Nope, sixth. Symantec? Uh, fourth. The number-one link is to the Social Security Administration (SSA) office online!

What does that say to you? Well, first of all it says that this author puts Way too much faith in Google's PageRank technology! But hey, a lot of sites must be linking to the SSA, and I think that is an indication that retirement and making ends meet are pretty high-priority topics. I know way more people who talk about jobs, the stock market, pension plans, and the economy than whether their computers are getting hacked or their identities stolen.

For most people in this day and age, security means more than a life on the Internet, the liberty to look at any Web site, and the pursuit of happiness on Travelocity. It means having a roof over their heads and food to eat. It means worrying about pension and retirement plans that are taking a hit on the stock market. It means worrying about the economic condition of their states and how that's going to affect their jobs in libraries. In short, day-to-day computer security isn't going to be anywhere near as important to them if they are worrying about week-to-week survival.

Learn How People Really Feel About Security

So here's my spin on computer security: Don't expect the people who use computers to give security the highest priority unless you try to make them feel secure too. I think that too many computer people think of only two things when they talk about security-making sure the computer or network system is secure, and making sure the data on those systems are secure. But there is a third important part of the equation-the people. You can talk about data integrity and systems stability, but you also need to talk about personal comfort.

Let me give you an example: Most often, when someone talks about backups, she says, "The data need to be backed up," instead of "We need to create an easy and comfortable way for you to back up the data." A subtle difference, but an important one because the first way de-emphasizes the role of the person involved. If you want people to be serious about data and systems security, then you have to make sure they feel comfortable about them.

In training (Oh, you knew I'd get there eventually, right?), the idea of changing someone's attitude is sometimes called "altering affective behaviors." That's right-training can attempt to change someone's attitude. You do this by identifying what attitude someone should be displaying, what she's doing now, and how to get from one point to the other. The essential part of this is that you are looking for an outward demonstration of the attitude. For instance, someone who is scared to touch a CD may be afraid she will damage it with her fingers. By demonstrating to her that a CD can be touched with some caution, you can change her hesitant attitude.

Affective Behaviors

Let's say that you know a staff member is not backing up his hard drive. You inquire as to why and find out that he is uncomfortable because he might have some personal files that he doesn't want to put on a backup disk. The affective behavior is that the person is afraid that someone will see his personal files. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.