This InfoWorld article about crazy security tricks that work has the best quote I have read about human nature’s (and in particular Information Technology (IT) professionals’) response to change:
Charles Babbage, the father of the modern computer, once said, “Propose to a man any principle, or an instrument, however admirable, and you will observe the whole effort is directed to find a difficulty, a defect, or an impossibility in it. If you speak to him of a machine for peeling a potato, he will pronounce it impossible: If you peel a potato with it before his eyes, he will declare it useless, because it will not slice a pineapple.”
This is exactly the resistance to change that Patty and I encounter on a daily basis. I love that the article goes on to say what we have also found to be true:
Yet, sometimes going against the wave of traditional thinking is the surest path to success.
In that vein, <the article> offers 10 security ideas that have been — and in many cases still are — shunned as too offbeat to work but that function quite effectively in helping secure the company’s IT assets.
The 10 innovative solutions provided in the article are fantastic examples of defining the success your company wants to see (in this case, fewer security flaws that put your company’s assets at risk), and having the courage to lead despite the resistance to change.
The companies employing these methods don’t care about arguing or placating the naysayers. They see the results and know these methods work, and they work well.