Johannesburg, 24 Jul 2009
While young South Africans may be well informed of their employers' security policies, a recent Symantec survey found 71% of respondents believed them to be unfair.
The survey explored Web 2.0 technology and social networking in the workplace among millennials, the generation born after 1980.
“Today's young workers want uncontrolled access to any Web site, application, device or technology available, and do not take kindly to restrictions set by the (invariably older) executives,” says Gordon Love, regional director for Africa at Symantec.
Exploring the level of security awareness among respondents, the survey found 62% claimed to be aware of risks associated with mobile devices, social networking platforms and related Web 2.0 technologies, and took measures to protect corporate data. A further 87% believed they were aware of the measures needed to secure information stored on portable devices.
“Most employees feel so strongly about unrestricted technology usage that they were willing to run the risk of disciplinary action,” states Symantec. About 53% of millennials surveyed admitted they already made use of appliances and software that breached company information security policies.
“Regardless of their personal knowledge and awareness around information security, employees should never assume they understand corporate information security strategy, or the reasons behind corporate rules and policies,” says Love.
“They should also bear in mind that corporate policies are designed not only for the individual, but to protect corporate reputation and that of their partners, customers and other stakeholders.”
The survey highlights the issue of outdated policies versus personal freedom. “That so many young workers are deliberately going against company orders is unsettling,” notes Love, “but such action may well be an indication that employers need to re-think older policies to better accommodate mobile devices and social networking technologies and applications.”
Love suggests companies combine an endpoint security solution, network access control, and compliance to protect the network and simultaneously free employees to make use of new technology, thus increasing productivity through mobility.
Furthermore, the use of social networking platforms should not be entirely prohibited, but rather controlled and monitored, he argues. “Employees will be less likely to waste company resources if they know they are being watched.”
The results show that enforcing technology rules and restrictions is not effective, says Love. “Companies would be wiser to shift their security policy focus from obstructing the users' choice of device to managing the users' access to critical systems and information,” he adds.
“Technology is evolving and the millennial worker is comfortable changing devices to keep up with this. As the survey shows, fighting to keep those devices locked out of the corporate network is a losing battle.”
Related stories:
A web of deceit
I can likez to haz a blog
Companies must secure content
Share