Five Warning Signs Your Security Policy Is Lacking
Warning signs of a weak security policy from SunGuard Availability Services.
The other evening at a holiday party, a group of women were talking about computers and other electronic equipment, and eventually one of them joked, "The only way we can get our system to work is to bring in the teenager next door."
Yes, it is a tired old joke-the kid who comes in and can set up your home wireless network in five minutes, after you spent three days and hours with tech support trying to figure it out. But there is some truth to this. Young people are being raised connected to the cyber world. Today's college students and most recent graduates don't know a society without total Internet dependence.
Probably because it is so ubiquitous to their lifestyle, young adults tend to be the most careless when it comes to company IT policies. In fact, a new Cisco study found that seven out of 10 young employees frequently ignore IT policies, and one in four is a victim of identity theft before the age of 30. Also, 80 percent of these young employees think their company's policies on social media and use of devices like smartphones are outdated, if they knew a policy existed in the first place. ZDNet stated:
Cisco threat research manager Scott Olechowski posited that these numbers are startling not only because they reveal many trends that will affect businesses and enterprises moving forward, but also just because these employees were so willing to admit that they're breaking policies.
Looking at some of the statistics from the Cisco report - 22 percent cite the need to access unauthorized programs and apps just to get their job done and 18 percent don't have the time to think about policies when they are working - I suspect older workers will think that young people are being lazy or disrespectful when it comes to following IT or security policies. I don't totally disagree with that, but I think we older workers need to understand that younger people have a much different approach to how they use computer networks. Remember, the report found that a quarter of young adults will be the victim of identity theft. The reason is simple - they are used to sharing everything online. Security to most young people has a very different meaning than it does to those of us who didn't touch a computer until we were settled into our careers.
How can companies make sure that young employees follow security policies? A couple of ways. First, make sure they know that there is a security policy and then make sure the policy is enforced. Second, consider bringing in some recent grads to help update or rewrite security policies and create a dialogue with them. If they are saying policies are outdated, it would make sense to find out why they think that. Third, look to academia for advice. Universities are becoming more adept at creating security policies that protect their networks while balancing the needs and demands of the student population.