There are important requirements, issues, and concerns that we are required to bring before those we protect. It is critical we take the time to reflect how best to convey our message. I once worked for a company where the IT department issued dozens of e-mails a week regarding upcoming IT outages. Of course, every employee would like to be notified of such an eventuality…that is, unless the IT department sends out several company-wide e-mails per day about any and all outages — even for a small accounting application used only by three employees in Hong Kong. After a week of slogging through the lengthy caveats and exclusions, everyone in my group simply added the IT warnings to their spam list.
If a system was going to be off-line, it was easier to find out when you couldn’t gain access on Sunday afternoon. You just waited until Monday. Being surprised by the exception was simply easier than attempting to be forewarned.
Your signs say a lot about you. Ensure you are projecting the proper image of your security responsibilities, and your organizational risk management program. Use them sparingly and wisely, and be careful to avoid hyperbole. People just might find out you are turning on both showerheads and demanding clean towels during your hotel stays, and then you will be accused of trying to poison the planet.