Corporate IT administrators may have more to worry about than just the wave of smart watches, Google glasses and other wearable computing devices that could flood the enterprise soon. A recent survey of indicates that more than half of Generation Y workers are prepared to contravene corporate bring your own device and cloud computing policies if it cramps their personal and professional computing and social networking activity.
“It’s not getting any better for IT groups,” said John Maddison, vice-president of marketing for American network security appliance firm Fortinet Technologies Inc. “It’s really alarming to see policy contravention so high and so sharply on the rise, especially when instances of Gen Y users being victims of cybercrime is rising.”
Generation Y, also known as the Millennial Generation, is a demographic cohort that includes individuals born in the early 1980s to the early 2000s. The oldest of this cohort would be around 32-years-old.
Fortinet (FRA: FO8) surveyed this month, 3,200 employees aged 20 to 29 from some 20 countries (including Canada) on their mobile device and cloud computing habits and usage. The company found a 42 per cent increase in willingness to break usage rules compared to results of a similar survey last year.
Many IT managers are wary of employees using personal cloud-based file sharing services for work-related data because may not have enterprise-level security controls. The flood of personnel-bought mobile devices that are being brought into the corporate network is also giving the IT department headaches over data security.
While respondents felt positive about their employer’s provisions for BYOD policies, with 45 per cent saying the policy “empowers’ them, a total of 51 per cent said they would contravene any policy banning the use of personal devices at work or for work purposes.
As many as 36 per cent of respondents using their own personal cloud storage such as Dropbox accounts for work purposes said they would break company rules that would prohibit them from doing so.
When asked about wearable technologies, 48 per cent of respondents said they will disregard rules that would curb their use of such devices at work.
This degree of apparent intransigence is surprising when you consider that 88 per cent of the respondents accept that they have an obligation to understand the security risk posed by their own devices, said Maddison.
“These are not employees that endanger the corporate network out of ignorance,” he said. “This is a cohort that grew up on technology, they know how the latest gadgets work and they can use them very well.”
Maddison said he believes that the flouting of corporate policies around cloud computing and mobility is not fueled by maliciousness but rather by the Gen Y’s computing style.
“This is a generation that came on its own being connected and they don’t want to be constrained from using the technology that is out there to accomplish their work the way they want it done,” he said. “That said, the study highlights the greater challenges facing IT managers when it comes to knowing where corporate data resides and how it is being accessed.”
He said organizations need to continue educating employees about the threat landscape and possible negative impact to the company of their computing habits.
IT groups can also shift their focus from just securing end point devices with an agent to deploying security tools that control, protect and monitor network activity.
Maddison also said businesses should look into hybrid cloud storage that can provide employees the flexibility they crave but with the security that the company needs.
Understanding how IBM Spectrum Protect enables hybrid data protection
Abdicating your company’s data protection responsibilities to the first cloud solution provider you encounter is just as unwise as doing nothing at all to leverage the cloud. On the other hand, it can be a wise decision to investigate what results you might achieve by choosing a backup technology that is capable of supporting a hybrid protection approach capable of covering both on-premises technology and offsite cloud capabilities.