It takes some thinking about… Security…. but one area that I see continually left out is the area of systems portals. It seems that companies are pretty bad at managing the access control lists, users lists and overall security of the portal they provide their current employees and customers.
Let’s take a simple employee who accesses your company’s DAM system; actually lets say the he/she accesses yours and has been provided logins to some of the agencies you also work with. OK now I think you are getting the picture and actually it’s not just your portal or their portal, but maybe even numerous FTP or File Transfer systems that they have access to.
I’d like to ask a question and you know maybe I’ll add a poll onto LinkedIn later today, but is our industry crying out for use of an OpenID style system within the creative supply chain community to integrate into our own frameworks and systems? If then an employee left and you closed his account in your Active Directory (or whatever service you use) it could cascade the security to all other sites that access has been granted based on that security.
I haven’t formulated it fully yet, but ask yourself – how many logins do you have from your previous employment and have you since tested them? Try it now. You may have a shock at what you can still get into and to what value it could have to any new employer. As an employer, ask yourself how you manage all that access and don’t say it’s IT’s problem because the security and integrity of the company you work for is every employee’s responsibility (bet if you check your T’s & C’s in your contract it will be there!)
If we can have standards for colour, for workflow communications (JDF) and for files why not an industry wide security model?
So here it is http://polls.linkedin.com/p/57747/lsvsd
Author: Gary George
This work is licensed under a Creative Commons Attribution-Noncommercial 2.0 UK: England & Wales License.