You won an award from RSA for making security a priority internally at Intel. What have you done?
MH: We've got kind of a vanity URL internally around security. We started back in 2005, kind of recognizing where things were going to go with computing, and even with social, even though it wasn't called social computing at that time. We changed our security strategy to be, "people are the new perimeter," and really focused on the people and behavioural aspects of certain things. So we have that portal which has all the policies and things on it, we do a lot of end-user awareness and training, which we try to make pertinent. We also have, across the company for probably at least four or five years now, generated getting the company to 100 per cent completion of that awareness training. We've got a tops-down tone that this is important from our CEO, we've revised the training courses and call out key messages annually. They're online, they've video, they're interactive. One covers privacy, one covers security. We do awareness articles on our main company portal. We've done stuff on how to protect your children on the Internet. You might wonder why you would want to do that in your corporation, but we want their behaviours to translate into work, travel and home. If they have good practices for protection of information in their home it's going to translate to work. It also makes it a bit of an employee benefit, because we have a lot of folks with children, and hopefully they're creating a generation of folks that are more savvy with this stuff.
Sign up for CIO Asia eNewsletters.