More

    Never Trust Anyone Under 30

    Cisco is sharing the results of a survey about the overall state of network security in the enterprise worldwide.

    The survey – the results of which were announced in conjunction with the announcement of its partnership with other vendors to create validated secure borderless network systems – looked at the security processes of companies in the United States, Germany, China, India and Japan. Specifically, the survey delved into the IT security issues related to tracking vulnerabilities and policy enforcement in the corporate environment.

    More than 500 IT decision makers from the five target countries took part in the survey. Interestingly, security in the United States, China and India is achieved using a multipronged approach, with companies incorporating more than one technology to track vulnerabilities. But despite the greater attention to security, respondents from these countries regularly find employees are using unauthorized devices or unsupported applications on their network, resulting in information loss.

    Social networking was the largest offender, with 68 percent of respondents reporting unauthorized Facebooking (or other online socializing).

    What may be the most telling findings, however, are those that show how important security issues are relative to hiring and keeping good employees. The survey reveals a feeling among its respondents, especially those in China and India, that overly strict security policies can have a negative impact on the hiring and retention of employees who are under the age of 30 – a whopping 71 percent, in fact.

    And yet, more than half of the survey respondents said they would allow personal devices on the corporate network within the next year, despite the potential security risks.

    Both of these statistics show that many IT decision makers are apt to turn a blind eye to seemingly non-threatening but nonetheless real security breaches in the name of employee satisfaction, especially those employees under 30. Do they think employees over 30 are the only population posing a security risk? What is it about employees under 30 that makes them immune to security policies and impervious to scrutiny?

    I can understand that younger employees may be perceived to be more in tune with cutting-edge technologies, but that’s not always the case. Sometimes, experience is the greatest teacher. And experience is the one thing many of these under-30 employees lack.

    It seems counterintuitive to implement tight security policies and turn around and ignore them to keep employees happy. Ensuring the security of corporate information should be the IT decision maker’s highest priority.

    Never Trust Anyone Under 30 - slide 1

    Click through to see more findings from a recent survey by Cisco Systems.

    Never Trust Anyone Under 30 - slide 2

    And the rest probably soon will be.

    Never Trust Anyone Under 30 - slide 3

    It’s nice to validate what you have always suspected.

    Never Trust Anyone Under 30 - slide 4

    The next great security threat raises its head.

    Never Trust Anyone Under 30 - slide 5

    This trend will grow as employees continue to buy more personal technology gear.

    Never Trust Anyone Under 30 - slide 6

    Almost half have already experienced some sort of data loss.

    Never Trust Anyone Under 30 - slide 7

    The days when IT could just say no are coming to a close.

    Never Trust Anyone Under 30 - slide 8

    The days of visiting each PC to update software are long gone.

    Never Trust Anyone Under 30 - slide 9

    No need to waste expensive IT talent on software updates.

    Never Trust Anyone Under 30 - slide 10

    Vendor notifications are closely followed by Symantec threat alert and mailing lists.

    Never Trust Anyone Under 30 - slide 11

    ISS is clearly the market leader when it comes to scanning.

    Never Trust Anyone Under 30 - slide 12

    The good news is that security organizations are not wholly unprepared.

    Never Trust Anyone Under 30 - slide 13

    But employees are getting smarter about circumventing those rules.

    Never Trust Anyone Under 30 - slide 14

    The consequences might not be enough to deter the behavior.

    Never Trust Anyone Under 30 - slide 15

    And enforcement may vary by employee.

    Never Trust Anyone Under 30 - slide 16

    Most IT organizations prefer a nonconfrontational approach.

    Never Trust Anyone Under 30 - slide 17

    Network access control (NAC) systems will soon be required everywhere.

    Never Trust Anyone Under 30 - slide 18

    This is probably the number-one reason IT departments take a passive approach.

    Never Trust Anyone Under 30 - slide 19

    And yet, usage of these application and devices continues to grow.

    Never Trust Anyone Under 30 - slide 20

    If any device can connect, you don’t know who’s actually on the other end.

    Get the Free Newsletter!

    Subscribe to Daily Tech Insider for top news, trends, and analysis.

    Latest Articles