Last Updated Dec 9, 2010 9:06 AM EST
Those are some of the questions being asked by Andrew McAfee in the Harvard Business Review. McAfee points out that pundits are asking if too many people have too much access to information.
That might be the kneejerk reaction to such a colossal security failure, but not so fast -- there's nothing inherently broken here. Bradley Manning -- the suspect in the leak -- was indeed a very low ranking enlisted member, but he needed access to classified information to conduct his duties. McAfee asserts:
Excessive stovepiping and hoarding of information were a big part of the reason that the US Intelligence Community (IC) as a whole couldn't 'connect the dots' among the available pieces of information well enough to prevent the 9/11 attacks.I've personally seen this kind of stovepiping in the business world. At one company I consulted for some years ago, critical information about product development was so tightly guarded by the engineering department that everyone else was completely shut out of the conversation until it was too late to have an impact on design, marketing messaging, and other critical elements. The product, not surprisingly, floundered.
McAfee contends that shutting employees out of information and processes is not the solution to controlling business information -- and I agree. The most likely result will be a demotivated, poorly performing organization that doesn't have the information it needs to do its job. Consider that when discussing how current events should inform your corporate security policies.