There are plenty of good reasons why your business should create an organisational culture of transparency; it can encourage a stronger team spirit, a sense of fairness, and deeper trust and confidence in your management team. If that kind of culture and confidence exists, it’s obvious that it’s going to be much easier for everyone in the business to make decisions and make them more quickly, especially difficult decisions that involve sensitive subjects like redundancy, or sudden changes in business strategy.
Anything that improves the efficiency and effectiveness of decision making is going to save time, effort and energy.
A broad and deep level of transparency can also be very good for your customers too. They don’t necessarily need to know the minutiae of every internal process but if they know the basic who, what, where, when, why and how of your business, then you will eliminate ambiguity and remove what could otherwise be unnecessary barriers to business. It will also establish a greater trust; this is key if you need them to share some of their personal data with you.
Cultures of Secrecy
Yes indeed! It seems a culture of transparency will be of much greater benefit to your business than a detriment to it. But is that it? Case closed? Or is there ever a danger of being too transparent? I’m not suggesting encouraging a culture of secrecy is an option when I ask these questions, because that can clearly be damaging. Who wants to work in a business culture where deliberate obfuscation, a lack of shared vision, scapegoating, or messenger-shooting are the norm? What I’m getting at is that, like so many other things in business life, the issue at hand is not as simple as it may appear.
I’m thinking here specifically about your business data and IT resources and the use of social media in the workplace. In general, a culture of transparency seems to be a very good thing to foster, but if we drill a little deeper, transparency in the wrong place and at the wrong time is also a threat. Every employee needs to gather, share and process data to get things done, and they do that on a variety of devices: laptops, tablets and increasingly smartphones.
Your employees will no doubt also log on to social networking sites at time throughout the day. But what if they lose their laptop at a conference? Or tweet their dissatisfaction about there not being an end of year bonus?
Working in an open and transparent culture may be good internally, but it may not be so good at helping employees to remember that there are still people on the outside of that culture who want to take advantage of that openness to the business’s detriment: hackers, thieves, and competitors, by way of example.
It’s blindingly obvious that you can’t take away the tools, or deny your team quick and easy access to the data they need. But if your employees grow too comfortable with such internal openness and transparency then it could ironically convince them they are in a low risk environment and cloud all thought about the potential threats from outside the business. If that happens it could translate into weak security practices surrounding how devices, data and social media are used, whether in or out of the workplace. If your systems are hacked because your employees – being so used to openness and transparency – didn’t think it important to use a strong password then that can undermine your data security and your competitive edge.
Strike a Balance
As ever, a balance needs to be struck. In keeping with the CIA principles of good information security, you need to give your team access to the right information, at the right time, in the right format and using the right device. If your team can’t have that type of access, it is going to cost you and your business because your they won’t be able to get things done. They will not be as effective as you need them to be or as they want to be. If they do have that access however, then they need to use it wisely, securely, and actively keep some of the privileges, devices and data confidential.
So while a general culture of transparency has many, many benefits that are well worth pursuing, it is also clear that total transparency at all times is not absolutely necessary or desired in certain parts of a business. That might sound like double-speak or even slightly pessimistic, but it does reflect a pragmatic reality and some of the requirements of a secure IT system.
Thankfully, there are a number of ways any business can pull off the balancing act of protecting its data and devices while at the same time empowering its employees to use them to the business’s advantage:
Vision – commit to both transparency and confidentiality where it is practical and appropriate to do so, but not where it will definitely compromise or put your business data or devices at obvious or considerable risk.
Policies and Training – create an information security policy and a digital policy to clearly describe how employees should handle business data, devices and technologies like social media, then train your employees to understand what those policies mean and how they relate to their job.
Technology – always use strong passwords (of 8 mixed characters or more); where possible buy in the latest software and hardware; keep your firewall and antivirus healthy by downloading the latest patches and updates; and always use a secure wifi or VPN at the office and remotely.