Young workers, Web 2.0 pose security challenges

Survey reveals widespread use of risky technologies

Young workers tap into Web 2.0 technologies and personal computing devices more frequently at work than their older counterparts, and while being familiar with such tools offers some benefit, the work habits of Millennials — as tech-savvy younger employees are known —could force IT departments to revamp corporate security policies or remain vulnerable to data loss, security breach and legal woes.

A recent survey reveals the disconnect between younger workers' technology habits, older employees' behaviour on the job and IT decision-makers' attitudes toward adjusting existing corporate policies to safeguard environments from the risks posed with Web 2.0 technologies. Symantec commissioned researcher Applied Research-West to do a study. The study polled 600 individuals in three groups of 200 apiece: IT decision-makers, Millennial workers (those born after 1980) and older workers (those born before 1980).

The results show younger workers embrace newer technologies in the workplace, but the corporate environment is not up to speed in terms of securing itself from the risks and vulnerabilities introduced by social computing  and Web 2.0 tools. For example, about two-thirds of Millennial workers polled admitted they "regularly access" Facebook and MySpace, while just 13% of older workers did. And three-quarters of younger employees access webmail accounts at work, compared to 54% of the others. Close to half of the Millennials surveyed said they use instant-messaging programs on the corporate network, and 22% of the veteran crowd admitted to the same.

Other disparities prevailed in the use of streaming video, photo sharing and iTunes. Close to 40% of younger workers use streaming video in the office, 37% share photos, and one-third reported they access iTunes. The survey found that 20% fewer older workers said they use those technologies at the office.

When it comes to devices, 45% of Millennials limit themselves to using company-issued devices or software, while 70% of other workers adhered to company standards. Close to 70% of younger workers also said they use "whatever application, device or technology they want, regardless of source or corporate IT policies". Less than one-third of other workers said the same. Three-quarters of Millennials polled have downloaded software at work for personal use, compared with the one-quarter of older workers who admit to that practice.

Younger workers also are more likely to store corporate data on personal devices. According to Symantec, "Common channels are personal PCs (39% vs. 24%), USB drives (38% vs. 14%), personal hard drives (20% vs. 13%) and smart phones (13% vs. 6%)."

These results put IT managers in the hot seat, because they show that corporate risk has increased during the past five years. Eighty-nine percent of the IT managers polled said risk has increased in the past five years, with close to half saying they "feel younger workers pose a moderate-to-significant new challenge". Twelve percent said they believe Millennials to be more "risk-savvy."

Fifty percent of the IT respondents said they have policies banning social networking, music, streaming video and gaming applications. Three-quarters of the IT workers polled have guidelines in place that restrict corporate data and information being downloaded to personal devices, and 85% have policies that forbid downloading or installing software on work PCs for personal use, the survey found.

This disconnect between policies and practices caused more than two-thirds of corporate IT manager respondents to consider restricting the use of Web 2.0 technologies and smart devices. However, 54% of IT decision-makers polled said they have seen some benefit from the use of Web 2.0 technologies and smart devices among their employees.

To balance the risks and rewards of such technologies, more than a third of IT respondents have written new polices and enforce them, and 28% have relaxed guidelines to allow for more access to varied applications and devices. Close to two-thirds of the IT managers polled said they monitor employees' online activity to track whether they are following policies, and 36% admitted they had not altered policies in the past five years.

"Clearly, the study reveals there is potential for huge risk exposure -- data loss, compliance issues, legal implications" and more, says Samir Kapuria, managing director of Symantec advisory consulting services.

Join the newsletter!

Error: Please check your email address.

Tags managementmillennialssecurityWeb 2.0

Show Comments
[]