Skip to Content

Loosening Security Controls to Boost Innovation

Douglas Merrill, Google’s former CIO, on how to make peace between workers and IT departments.
July 29, 2009

At many businesses today, there’s a fight between workers and their information technology (IT) departments. Employees want to use instant-messaging programs to communicate or export documents to Google Docs, while company security officers get heartburn at the idea of so much company data being scattered around.

At the keynote address this morning at the Black Hat computer-security conference in Las Vegas, Douglas Merrill, who recently left EMI Music’s digital group and was formerly chief information officer and vice president of engineering at Google, said that companies should reconsider this adversarial relationship.

According to Merrill, studies show that employees can increase company returns when they have the freedom to innovate by trying new software and new workflows. However, those returns disappear when employees are made to feel that their activities are illicit.

As an example of how companies can give workers freedom without compromising security, Merrill described his experience at Google. “Google’s engineering culture was all about working the way you want to work,” he said. Employees could use any operating system and work from any convenient location–the office, home, a coffee shop, or wherever. As a result, it was impractical to rely on traditional security solutions, such as installing antivirus software on each device employees used.

Instead, Merrill said, Google addressed security by building up its infrastructure. For example, the company put antivirus protection on its mail server, which is the main source of viruses that infect the network. They also watched their network traffic patterns for any unusual spikes.

Merrill said that companies need to find new ways to accommodate employees while also securing their systems. Trying to change behavior, like asking employees to stop using instant messaging, only stands to stifle innovation.

Keep Reading

Most Popular

Workers disinfect the street outside Shijiazhuang Railway Station
Workers disinfect the street outside Shijiazhuang Railway Station

Why China is still obsessed with disinfecting everything

Most public health bodies dealing with covid have long since moved on from the idea of surface transmission. China’s didn’t—and that helps it control the narrative about the disease’s origins and danger.

individual aging affects covid outcomes concept
individual aging affects covid outcomes concept

Anti-aging drugs are being tested as a way to treat covid

Drugs that rejuvenate our immune systems and make us biologically younger could help protect us from the disease’s worst effects.

Europe's AI Act concept
Europe's AI Act concept

A quick guide to the most important AI law you’ve never heard of

The European Union is planning new legislation aimed at curbing the worst harms associated with artificial intelligence.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.