Focus first on setting the right policies, but then let people in the business run
Adam Ligas, Quickbase Guru at the healthcare company Aetna, said he views his role in IT as very much serving the business, and setting the overall policies that enables innovation for the company.
“I make sure the platform, and thus, the applications are compliant with all our IT security policies, password rules, encryption, etc. We leave the business folks and the citizen developers to build their apps and solve their problems. Then, we take on the secondary role of support.”
User education on security issues also plays an important role. Spence Lloyd, CFO at Avant, said that because of the rise of phishing and other cyberattacks over the last year, his organization has spent more time educating employees on these threats and how to support the company’s governance initiatives.
For Heather Bryant, IMF Platform Manager at the country’s largest family-owned building services provider, Able Services, said her organization puts a lot of effort into setting the right access policies. “We start out pretty tight, where you can just view the data from the place that you work and as the product grows and [users] say ‘we want to see this, we want to see that,’ we’ll tweak that for them.”