A + B results in C, but sometimes the consequences are E, F, or G and wow, do we want to avoid that.
Conversations about the need to be able to rapidly close down an office and delete sensitive data led do an unexpected place. We talked about the need to permanently delete sensitive data, to ensure encryption was always on, and other standard stuff. Nothing controversial. The conversation was more about how to ensure people had the right capacity and what should trigger what action.
And then it happened. The colleague who had been quiet on the call unmutes. ‘The assumption we seem to be working with is that we wipe or encrypt everyone’s device so that if the device falls into wrong hands, the ‘wrong hands’ can’t access the data.’ Everyone nodded at this point.
‘So,’ she continued, ‘what happens when a guy puts a gun to my head and there is no data on my device or asks for the encryption key, which I don’t have? What happens then? It’s not looking good for me. How do we prepare staff for that?’
You could hear a virtual pin drop.
This is the human side of digital transformation. And yes, thinking about rapid closure of offices requires deletion, encryption, and of course collecting less data in the first place. However, data is not data in a vacuum. Data is people and data is in a context.
There is no easy answer to the challenge in that conversation. Each team, each context, each organisation will respond differently for multiple reasons. But it does need to be discussed. And it is a reminder of value of diverse groups of people involved in discussions and of building a culture of trust where people voice alternative views.
The choice is up to us.