How to keep them in check: Eventually, every new hire will have to go through Harriet. The key is to keep her out of recruiting and evaluating applicants for as long as humanly possible, says Meikle.
"Try to find a way to work with potential candidates without putting HR in the middle," he says. "Harriet should only be involved in the nuts and bolts of the on-boarding process, not determining who's best suited for a position. That's your job."
IT frenemy No. 8: Frightened Frank
When "CSO" rhymes with "just say no."
Want to deploy 4G iPads to your road warriors? Need to spin up a new production server for the marketing department? Hoping to set up a Dropbox account so that you can access work files from your home? Ask Frightened Frank, and the answer to all of these questions — as well as any others you might think to ask — is no.
The result, of course, is an explosion in the number of BYOD Betties and Cloudy Claudettes, not to mention the security, support, and management problems associated with each.
A lot of IT managers — especially those with the word "security" in their job titles — are programmed to say no, says SafeNet's Gonen.
"They're not bad people," he says. "They literally think it's their job to say no. But the business has totally moved to yes, and IT needs to get there too."
How to keep them in check: The key to avoiding Frightened Frank — or acting like him — is to adopt a new mind-set, says Gonen.
Organizations need to accept that data breaches are inevitable, as well as put in processes and procedures to minimize the impact on their most sensitive data, he says. They need to find out what cloud services employees are using and set up simple policies on how to enable them securely.
"If someone comes to you and asks, 'Is it OK if we use Amazon Web Services?' you need to say, 'That's fine, so long as you use it in the following way,'" Gonen says. "The same goes with smartphones or Dropbox. Because even if you don't allow them, people will use them anyway. You have to give people a way to take shadow IT and make it real IT."
Sign up for CIO Asia eNewsletters.