Monday, 20 April 2015
Why Milliennials Are an Information-Security Threat
Millennials like being social, and they like using technology. What some don’t recognize is how the combination of these behaviors may cause issues for organizations.
As part of my research, I have found that a majority of millennials reported that they contact co-workers through internal or external social-networking sites. And a majority reported that their contact was taking place outside of corporate systems. In other words, millennials who work together were interacting electronically outside of corporate security controls.
While some of those interactions were personal, others were about work. For many millennials, instant messaging or texting to discuss what is going on in their lives is as natural as sitting down for a drink after work. The types of conversations any of us would have about work over a beverage (of whatever type) are natural to them to have through technology such as social media. The question leaders have to think about is whether there is a greater risk when people have those conversations electronically rather than in a public venue. In a public venue people can overhear what you’re saying if you’re not careful. When the conversation is electronic someone can also “overhear,” in that they can get hold of the actual text of the conversation and use it.
While many millennials said they were contacting their work friends through social media to be social, other millennials said they were contacting co-workers through noncorporate systems because the corporate security controls made their work so inefficient–and they hate bureaucracy wasting their time. Need to send files to someone at a different site and don’t have an easy way to do it internally? Use Dropbox. Want to instant message someone but don’t want the conversation flagged? Use an external system such as Facebook or Google.
The use of noncorporate systems shows us that millennials have strong relationships with their friends at work, in that they want to be in contact with them even during their free time. It also shows us that millennials are focused on getting their work done, and are trying to avoid wasting a lot of time to do so. These behaviors are positive, in that they show how robust the relationships are among friends at work and how productive millennials want to be. At the same time, these behaviors can result in information security issues for organizations.
While organizations need to set up rules for how information can be shared electronically, it’s going to be impossible to prevent work friends from talking about (complaining about) what is happening at work during their personal time, whether in a bar or online. And as long as corporate systems are perceived as being a hindrance to efficient work rather than as a system that helps protect the individual and the organization, people are going to look for other avenues to share information.
Leaders need to make sure that employees know how security controls protect the individual as well as the organization, and what information can be shared outside of work technology systems and security, and what cannot—even among friends.
Senior research scientist at the Center for Creative Leadership and an affiliated research scientist at the Center for Effective Organizations at the University of Southern California. She is co-author of the forthcoming “What Millennials Want from Work.”
Photo Credit: www.tom1st.com