Iron Man and Iron-Clad Security

In case you can’t tell yet by my movie selection so far, I’m a little bit of a nerd.  And today is no different, because we’re going to talk about Iron Man.  Iron Man marked Marvel’s first foray into making movies, instead of just comic books.  The movie was an unbelievable success, spawning 2 sequels, a number of other Marvel comic character movies and the billion dollar Avengers movie.  For those of you who have trouble remembering back to 2008, here’s the IMDB summary:

When wealthy industrialist Tony Stark is forced to build an armored suit after a life-threatening incident, he ultimately decides to use its technology to fight against evil.

Compartmentalize Confidential Information

After Tony Stark is locked out of Stark Industries, he sends Pepper Potts in to access his computer and copy files.  While Pepper is copying files that Tony, ostensibly, should have access to, particularly as the company’s owner, she stumbles onto a video implicating Obadiah Stane, one of Tony’s most trusted advisors, as the person responsible for Tony’s earlier kidnapping.  It certainly seems foolish to allow Tony’s computer the ability to access information concerning his capture.

It can be equally foolish to allow every employee’s computer the ability to access every document and file on the company network.  Especially in larger companies, information on the company network should be compartmentalized, and access should be granted to those who need the information on a day-to-day basis, with temporary access given when an employee needs access for a short period of time.  Allowing all employees access to everything simply increases the likelihood that your confidential information will be taken when an employee leaves the company or simply decides to abscond with information that doesn’t belong to them.  Additionally, if confidential information is taken, it will be easier to find the culprit when only a smaller group has access.

Movie takeaway: Help keep confidential information confidential by compartmentalizing access, so theft of confidential information is less likely (and so you can’t be implicated in a worldwide plot to kill a billionaire playboy philanthropist).

The SHRM Blog does not accept solicitation for guest posts.

Add new comment

Please enter the text you see in the image below: