IT Confidential: Don't Apologize About Data Loss--Just Don't Do It - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Business & Finance
04:20 PM
John Soat
John Soat

IT Confidential: Don't Apologize About Data Loss--Just Don't Do It

Adequate data security means never having to say you're sorry.

My son's first day of college is the day after Labor Day, and my wife and I are driving him to school at the end of this week. Several hours in the car afford time for the Big Talk--you know, the one about taking life seriously, applying yourself, always keeping a positive attitude, and learning from your mistakes.

One life lesson I might impart goes like this: It's better to apologize than to ask permission. But I'm torn.

I was reminded of that lesson last week, when AOL confirmed that its chief technology officer had resigned. AOL also let go two data-research workers. These came in the wake of a tsunami of protests over AOL having published data on its Web site from search results for over a half-million of its subscribers. AOL issued a public apology shortly after the incident.

My son is attending Ohio University in Athens, Ohio--my alma mater. Ohio University has had to do its share of apologizing lately, since it was revealed last spring that servers on the OU campus had been breached by hackers, one for as long as a year, maybe longer. These servers contained personal information such as names and Social Security numbers for thousands of students, workers, and alumni (myself included). The university sent out letters of apology. Two IT workers were subsequently suspended and face dismissal, and the CIO resigned last month, saying in a statement on the university's Web site, "A new energy level and skill set is going to be required in order to allow our IT organization to realize its potential."

For some organizations, the "apologize after" approach is more than a life lesson, it's a corporate strategy. Rather than being proactive in instituting the difficult, expensive, and resource-consuming steps required to secure--and keep secure--personal data, it seems some organizations would rather ignore the responsibility and deal with the consequences of a data "compromise" in a reactive fashion, like this: shock, dismay, apology, dismissal.

So, does that make "apologize after" a life lesson worth ignoring? Maybe not. I don't mean to muddy the waters too much, but the "apologize after" lesson also occurred to me two weeks ago, when a federal judge ordered the National Security Agency to stop its telecom-surveillance program. I'm not necessarily a fan of government surveillance, but fighting terrorism--unlike fighting domestic crime--is all about being proactive, dealing with the potential for violence in an aggressive, preventative manner. "Apologize after" seems like a highly appropriate strategy for the war on terror.

So, what do I tell my son? How about something like this: Think positive, be scrupulous in your work, take responsibility, be proactive, and apologize ... as little as possible. For those who wrote in about my son's Apple MacBook, no, it wasn't affected by the battery recall, but thanks for asking (wiping sweat from my brow, and egg from my face).

Speaking of apologies, let me assure those readers upset by my referring several weeks ago to Led Zeppelin as a "decidedly average rock 'n' roll band" (you know who you are) that it was a joke--check the context. I'm a Led Zeppelin fan from way back, having attended my first concert of theirs in the summer of 1969. Send a Zep anecdote or a favorite song, along with an industry tip, to [email protected], or phone 516-562-5326.

To discuss this column with other readers, please visit John Soat's forum.

To find out more about John Soat, please visit his page.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
How GIS Data Can Help Fix Vaccine Distribution
Jessica Davis, Senior Editor, Enterprise Apps,  2/17/2021
Graph-Based AI Enters the Enterprise Mainstream
James Kobielus, Tech Analyst, Consultant and Author,  2/16/2021
11 Ways DevOps Is Evolving
Lisa Morgan, Freelance Writer,  2/18/2021
Register for InformationWeek Newsletters
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll