Yahoo, Equifax, and Uber are just some of the high-profile brands hit by breaches during the past twelve months, and younger workers may pose the biggest risk in terms of data breaches to organisations and their brands. Senior executives appear to think so, with more than a third believing that younger employees are the “main culprits” for data security breaches in the workplace. It appears that young workers are posing a real threat to company security with one in ten young of them doing things they shouldn’t online during work hours including gaming, vlogging, blogging, sharing apps and downloading unofficial applications.
The study, conducted by Censuswide, sought the views of 1,000 next generation workers (18-24-year olds) and 500 decision makers in UK organisations to discover how security, privacy and online behaviour at work impacts the lives of younger employees and the companies they work for.
Younger workers are in the driving seat when it comes to password changes, with 29 per cent revealing that their employers leave it to them to decide when they need a password change. Furthermore 14 per cent of them admit to freely sharing passwords with colleagues. Conversely password sharing tops the list of decision makers’ greatest concerns, with 55 per cent saying it keeps them awake at night.
Social media obsessed
In today’s social media obsessed world one in five workers are not bothered about how their social media activity might affect their employers – and 18 per cent freely admit that their posts could compromise employers’ security and privacy policies. Yet 47 per cent of decisions makers are worried about them sharing social media posts and the impact these could have on brand and reputation, while less than half of young workers say their organisations have social media guidelines for them to stick to.
More work is needed to remove this divide, and adopting a ‘Zero Trust approach’ to security – which assumes that users inside a network are no more trustworthy that those outside the network – is clearly a necessity.
‘Too relaxed’ about adhering to policies
This new generation of employees entering the workforce has an ‘always on’ approach to technology – with no experience of an off-line world. In the next ten years, 75 per cent of the workplace will be millennials* and organisations can’t afford to ignore them.
The findings of Centrify’s study stresses the need for robust security policies and brings into question the online behaviour of these young workers and the security risk they pose to companies: 40 per cent of decision makers are concerned about their misuse of devices, 35 per cent say they are too trusting of technology and 30 per cent worry they share company data too easily. While 74 per cent of decision makers think that their employees abide by the organisation’s security policies, over a third (37 per cent) feel that young workers are too relaxed about them.
Younger workers are well-informed about the new ‘dark arts’, with decision makers saying they know about the Dark Web (87 per cent), underground hacking (79 per cent) and crimeware (81 per cent). Although around half (48 per cent) say they have strict guidelines in place for employees using these methods, 39 per cent feel they could be better.
“Young workers coming into the workplace today have grown accustomed to having free and easy access to the online world and our research indicates that they don’t tend be as conscious about security,” comments Andy Heather, Vice President and General Manager, Centrify EMEA. “If you give them access to any information at any time from any place, or don’t enforce strict password and social media policies, then they are likely to take full advantage. Companies need to act quickly and put the processes in place to protect against this risk which could pose a very real threat to the jobs of this next generation of workers.