The Millennial Bug

Since the first wave of Millennials entered the workplace, the question of how businesses should adapt to their needs has been raised repeatedly. Their approach to work is markedly different from their peers; they are reliant on the internet; they try every new software they come across, store private company data on personal mobile devices and share files over networks.

Although the Millennial’s tech-savvy natures often benefits business, their relaxed attitude towards security is causing concern. Recent studies by Raytheon and The Chicago Better Business Bureau have shown that, while young adults are much more comfortable with new technologies than previous generations, their trusting attitudes are leaving them, and their companies, vulnerable. For instance, two-thirds of those questioned by Raytheon have connected to a password-free, public WiFi in the last month. Almost a quarter of them have shared a password with a non-family member in the past year, and one in five has never changed their online banking password.

While embracing social media and the World Wide Web, Millennials have been shrugging off personal security; the popularity of such sites, alongside general ease of use, acts to mask the risks associated with using them. It’s this lack of awareness which is creating a new set of challenges for IT departments already stretched to their limits.

To keep up with the rapidly evolving tech industry CIOs know they must invest in the collaborative work tools and SaaS solutions favoured by their young staff. They also know high standards of security must be met if they are to protect themselves from breaches. That’s why many are employing ever stronger security systems; they need to protect their networks and data from the threats posed by the Millennial’s behaviour. Colt supplies its security services to many organisations in this position and has found that, alongside data protection, it greatly reduces the burden placed on IT teams.

Yet sometimes employing a suitable security system is only half the battle. For some CIOs and IT managers the hardest task is building a security culture that permeates the business. In a survey of security executives by Courion, 95 per cent said their IT security teams consider preventing security breaches a serious issue, but only 45 percent believe other employees feel the same.

Back in May I attended a keynote at Infosecurity Europe titled: ‘Rethinking information security education strategies to engage generation Y’. This was intended to address tactics for neutralising the risk posed by Millennials (although it was interesting to note that no one from the Millennial generation was included in the discussion!). An example, given during the talk, cited an incident where an IT department requested that its employees refrain from using Dropbox due to security concerns. Rather than having the desired effect, it prompted an increase in Dropbox use as staff sought out and decided to try the file sharing solution.

The question then is this; aside from ramping up internal security systems, how can we find a way of balancing security with ease of use? Saying ‘no’ to Millennials does not seem to work, so is there a way we can manage their use and adoption of new technologies without compromising security? The answer is surely education. Nearly a third of respondents to Courion’s survey stated that employee education should be a top priority for business in 2014. We should be devising ways of teaching Millennials about effective cyber-security and pushing home the importance of security awareness, not just for our sakes, but for theirs as well.  We need to take advantage of their tech-savvy nature by turning a security risk, into a security asset to protect our organisations’ assets.