I have a confession to make. When I was graduating from high school back in the 90s, I was asked a bunch of questions about the future. One of them was, “Will cellular phones replace land lines?” I answered, “No, never.”
Today, of course, I haven’t had a land line in years. What I didn’t realize back then is that technology marches ever onward. There’s no looking back.
The same can be said, I think, about generational attitudes and expectations. And the young adults entering the workforce today, the Millennials, have a whole different approach to technology that organizations are going to have to learn to cope with, because it’s probably not going to change.
I bring this up because Cisco just released the latest installment of its Connected World Technology Report, which found that Millennials don’t really care about computer security and are prone to ignoring IT policies.
According to the survey, roughly 61% percent of young employees believe that security “is not really their responsibility: They want to work hard, from home or the office, using social networks and cloud applications to get the job done, while someone else builds seamless security into their interactions.”
This is a troubling trend for a number of obvious reasons, but it becomes even more so in light of Gartner’s prediction that “the control of technology and technology-driven decisions is shifting out of the hands of IT organizations.”
Millennials want control, but they don’t want responsibility. How are organizations supposed to cope with that?
Department of “No”?
My colleague Kimberly Samuelson has pointed out that, historically, IT departments have been viewed as the department of “no.”
· “No, you can’t put that on my network.”
· “No, we can’t get to that project for six months to a year.”
· “No, that integration you want isn’t possible.”
But when you assume the role of a parent scolding a wayward child, you’re likely to elicit anger and rebellion in response. (According to Cisco, 16% of the survey respondents said that their organization’s IT policies “are not convenient,” a.k.a. “The rules don’t apply to me.”)
Communication, collaboration and education, then, are essential to enlisting the assistance of young business users in keeping the enterprise safe.
Extending Educational Efforts to IT
Interestingly enough, though, it seems that IT professionals, too, must be included in the organization’s educational efforts. A new study sponsored by HP reveals that more than half of the 5,500 IT operations and security managers surveyed reported having access to confidential information beyond the requirements of their position, and that many of them look at this information “out of curiosity, not job function” (a.k.a. “The rules don’t apply to me.”)
eWeek notes that “‘general business data’ such as documents, spreadsheets, e-mails and other sources of unstructured data were most at risk for snooping.”
ECM systems can provide an incredible layer of security between unauthorized users and sensitive business data, but if the organization’s IT professionals don’t respect their own policies regarding information access, it’s unlikely that they’ll be able to convince anyone else—including the aforementioned Millennials—to toe the line regarding information security, network security or anything else.
If your organization doesn’t currently provide training about its IT policies and procedures and why they’re important as part of its onboarding process (and on a regular basis thereafter), it almost certainly should. And it’s probably even more important to get a cross-section of people across the enterprise—young and old, business line and IT—to come together to jointly review and discuss the use and effectiveness of those policies and procedures so that everyone has a stake in ensuring compliance.
First, though, IT professionals need to remember to model the behavior they wish to see from their users. In this, as in anything else, the power of example is mighty indeed.#ITsecurity #KimberlySamuelson #Topic(s)-Cisco #ITpolicy #eweek #HP #Gartner #ConnectedWorldTechnologyReport #millennials