Skip to Content

Loosening Security Controls to Boost Innovation

Douglas Merrill, Google’s former CIO, on how to make peace between workers and IT departments.
July 29, 2009

At many businesses today, there’s a fight between workers and their information technology (IT) departments. Employees want to use instant-messaging programs to communicate or export documents to Google Docs, while company security officers get heartburn at the idea of so much company data being scattered around.

At the keynote address this morning at the Black Hat computer-security conference in Las Vegas, Douglas Merrill, who recently left EMI Music’s digital group and was formerly chief information officer and vice president of engineering at Google, said that companies should reconsider this adversarial relationship.

According to Merrill, studies show that employees can increase company returns when they have the freedom to innovate by trying new software and new workflows. However, those returns disappear when employees are made to feel that their activities are illicit.

As an example of how companies can give workers freedom without compromising security, Merrill described his experience at Google. “Google’s engineering culture was all about working the way you want to work,” he said. Employees could use any operating system and work from any convenient location–the office, home, a coffee shop, or wherever. As a result, it was impractical to rely on traditional security solutions, such as installing antivirus software on each device employees used.

Instead, Merrill said, Google addressed security by building up its infrastructure. For example, the company put antivirus protection on its mail server, which is the main source of viruses that infect the network. They also watched their network traffic patterns for any unusual spikes.

Merrill said that companies need to find new ways to accommodate employees while also securing their systems. Trying to change behavior, like asking employees to stop using instant messaging, only stands to stifle innovation.

Keep Reading

Most Popular

The Steiner tree problem:  Connect a set of points with line segments of minimum total length.
The Steiner tree problem:  Connect a set of points with line segments of minimum total length.

The 50-year-old problem that eludes theoretical computer science

A solution to P vs NP could unlock countless computational problems—or keep them forever out of reach.

section of Rima Sharp captured by the LRO
section of Rima Sharp captured by the LRO

The moon didn’t die as early as we thought

Samples from China’s lunar lander could change everything we know about the moon’s volcanic record.

conceptual illustration of a heart with an arrow going in on one side and a cursor coming out on the other
conceptual illustration of a heart with an arrow going in on one side and a cursor coming out on the other

Forget dating apps: Here’s how the net’s newest matchmakers help you find love

Fed up with apps, people looking for romance are finding inspiration on Twitter, TikTok—and even email newsletters.

ASML machine
ASML machine

Inside the machine that saved Moore’s Law

The Dutch firm ASML spent $9 billion and 17 years developing a way to keep making denser computer chips.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.