Slashdot Mirror
Young Employees Pose Increasing Risk to Networks
buzzardsbay writes "Baseline is reporting on an upcoming survey from Symantec and Applied Research-West that confirms many suspicions about the generation gap in the workplace, namely that younger workers will use your corporate network to run most any device, technology or social networking software they can get their hands on. Dubbed "Millenials," these workers born after 1980 are nearly twice as likely to use cell phones and PDAs at work, and half admit to installing unauthorized software on their employer's computers. On the upside, the Millenials are more security aware than their older co-workers."
isn't it the company's responsibility to control their network?
- Do it but don't admit it
- Or don't it but are way less productive than their peers
I don't know how it is for the rest of the slashdot crowd but almost everywhere I've worked it's impossible to be (decently) productive using only authorized software.
The sad thing is not a matter of cost, but a matter of paperwork. Something as basic as winrar (no, let's not go into why would I want to use winanything) is impossible to get by the official channels.
Most people born after 1980 are treated like shit in the IT industry. You are taken on for pitiful wages with vague promises of future riches, squeezed for every bit of knowledge you have, then booted out when the project(s) you are working on are finished. So it is hardly surprising that people treated so shabbily don't have a particular commitment to their workplace.
Most of the highly technical and well paid jobs (system admins and the like) seem to be already taken by well established old folk, and nobody is really interested in training anybody for when they retire. Managers take IT systems completely for granted, consider IT professionals to be lowly peons, and are in for a nasty shock when the handful of people keeping their systems running leave.
If we can put a man on the moon, why can't we shoot people for Apollo-related non-sequiturs?
Looks like the title is overblown. The younger works do slightly more risky things than the older workers. However, the older workers (Gen X in this case) still do all the same things, just a little less often. None of the numbers suggest a big change in risk. A lot of the risk factors being described just go from numbers like 47% to 51%. Hardly anything dramatic.
If you want to secure your network, you need to address all the risks that are out there. Adding a little more risky behavior does not really make for any real changes is the risks to the network. Networks are always at risk from the weakest link. A 60 year old employee who happens to do something risky is just as bad for the network as a 20 year old.
On one side letting some random person install any old IRC client is just asking for the office machine to be owned eventually. On the other hand, I hate the idea of being a no good outlaw just because I want to use vim instead of notepad for text editing.
I read the internet for the articles.
First off: Worst article ever. Not just one paragraph per page...1 statistic per page? Jesus. Content to page ratio is like .001:11. And what content there is is vapid and uninteresting.
If you're an admin tasked with security, you have to assume all users are evil, so the question should be more along the lines of, "What is the problem with your process that you are allowing these users to install unapproved software?" Symantec obviously has a big stake in convincing people that they need better security (assuming that this will drive business for their crappy products), but the simple truth is that these sorts of problems shouldn't BE problems in an adequately secured network...Even your basic windows AD setup on XP is capable of restricting software installs and such.
If you're a big believer in allowing users to install whatever crap that they think they need to do their jobs, then you'll need to invest in some solid networking gear because you're inevitably going to have more problems. Otherwise, just lock it down, set up an approval process, and be prepared to deal with a zillion complaints from people who think they're experts because they did their own myspace page.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
give their passwords on the phone to whoever asks. I've seen it happen. Security is an issue that effects us all. Shouldn't single out the young people on this one.
They are more aware. They just don't give a shit. :-)
Some mornings it's hardly worth chewing through the restraints to get out of bed.
"...namely that younger workers will use your corporate network to run most any device, technology or social networking software they can get their hands on. Dubbed "Millenials," these workers born after 1980 are nearly twice as likely to use cell phones and PDAs at work, and half admit to installing unauthorized software on their employer's computers. On the upside, the Millenials are more security aware than their older co-workers."
Um, no. That they install unverified social software on corporate machines and socialize at work means they are not more security aware. Social access is the number one security breach method.
I'm in my mid-20's so I think I would fit into this "generation" gap and want to comment on this. And no, I'm not at work presently to post this, in case the inescapable irony strikes some readers.
I know some of my peers feel that simply having access to the Internet means they can use it during the workday either to take a break during the work period, not work at all or use the Internet on breaks. My friends don't do this but I have had co-workers who have and were generally disciplined and eventually fired for not doing their assigned work.
Personally, I feel that I have an obligation to my employer: 1) to do the tasks I am assigned and 2) to protect the information on their networks. I avoid using the Net at work for non-work tasks and social networks for these reasons.
This article appears to be taking a stupid slant on the statistics that have been gathered. It keeps harping about the "Millenials" (people born after 1980) when really it should say "people in their 20s". My issue is that 20 years from now, the Millenials will be in their 40s, but it will still be the people in their 20s who are the greater risk. The Millenials are not a generation of risk takers, they are currently at the risk taking age.
When I was in my 20s, I was much more risk prone than I am now (in my 40s). Back then I considered it my *right* to be able to install whatever I wanted on a computer, and would be unconditionally annoyed and offended if it was not allowed. Today I am more aware that there are reasons for most restrictions. Yes, some restrictions don't make sense, but a very many do.
This type of thinking was in more aspects of life than just computers. Back in my 20s, I would say that I drove less cautiously than I do today. I drank more heavily, ate poorly, resented having to wear a bike helmet, jay-walked more often, the list goes on. These are all behaviours that I, and most people, grow out of.
Life is like a web application. Sometime you need cookies just to get by.
I guess you didn't get the memo - The fed is now bailing out the banks, no matter how much bad shit they did. Just ask Bear Sterns.
Kevin Smith on Prince
"Case in point, in the USA the politicians and insurance companies have fucked-up the health care industry to the point where most employers will not hire people in order to avoid providing health insurance. They hire people on 'contracts' creating a class of permanent temporary workers."
That may be happening to you, but I'd say that has far more to so with you than the state of the industry.
I haven't found any of the things in your post to be accurate, and honestly, I'd say you're full of shit.
Of course, you included the obligatory "US healthcare is fucked-up/ blame the insurance companies and politicians" troll, so you'll inevitably be modded up.
But you're lying, and we all know it.
I agree with your position. In an electronics production lab or factory floor it is insane to be tied to the same network as the rest of the company. And it is unreasonable to expect us to follow the same rules for the omnipresent company network.
Each department or workgroup needs to have a private network so people can load their own WinAmp, personal text editors and productivity-enhancing macros, MP3s, and oscilloscope controllers without having to interact with the rest of the company network.
But I've found that it is nearly impossible to convince anyone in any IT department of this reality. So it goes.
I will step to put a bit of perspective on this flamefest and tell you something I heard somewhere (unfortunately I can not site but someone here will certainly correct me). The paraphrased quote went something like this:
"The difference between Americans and British is that Americans believe their country is wonderful and is the best one in the world while the reality is that it is terrible. On the other hand, Britons are always bitching about their country without realizing their life is actually pretty good".
I can tell you from my experience in the UK (I've lived in the UK for about 4 years, coming form Mexico) is that you people over here have it really easy. Shit, people can just stop working and the government will pay them money. "spare some change mate?" you see people selling the "big issue" and then they go to cash their check to get beer. That is being poor in this country. Let me tell you, you do not know what the fuck you are talking about.
For people in the UK life is really easy right now. It is, really. You have a hell lot of things which you take for granted. You whine that you can not get a free dentist. Oh shit, but you do not see that in other countries and in other times (even in your country) there is no free NHS even for a freaking Nurse.
So as other people already said, stop whining and go back to fucking work you lazy ass.
Ubuntu is an African word meaning 'I can't configure Debian'
"People in my country have less these days, yet we are told the young are spoilt."
I see why you're having such a hard time understanding this.
You seem to think that "spoilt" = having stuff. If you'd bothered to ask, I suspect many of the people who think you're spoiled think that not because of the amount of stuff you have, but because of the sense of entitlement that is practically dripping off of your posts on the subject.
You see, it's not about the stuff, it's about the attitude that you think you deserve something you haven't yet earned. If your posts are any indication, that may be why people around you think you're spoiled.
It goes from God, to Jerry, to me.
Why do people in this country feel so obligated to work for companies that treat them like crap?
Somewhere along the line here is some element of choice, and it's an element that people have somehow been taught that they don't really have anymore. "It's the best job I can get" or "that's how this industry works."
I don't accept that, and I don't think anyone else should. Once you're working at a certain level, probably just above the poverty line, you make a choice what you're going to do to earn money, and who you're going to work for. We all make these choices based on supporting the kind of lifestyle we want. If your entire industry works this way, and you hate it so badly, you should work in ways that don't make you miserable. That might mean adjusting your lifestyle. But seriously, find something that makes you happy and do it. Don't spend your life working for people that treat you like crap. I won't, even if it means living in a tent. I'm not for sale.
http://downwithpants.org Overthrow the tyranny of your pants
Security is not limited to their physical property. Security includes their digital assets as well.
As an example, if your company makes widget, and the staff uses computers to design said widget, to send those designs to the part of the company (or another company) who actually builds said widget, then the designs for that widget are digital assets, and are no doubt quite valuable to them.
If I as a hacker, working for another company, or even for myself, got access to your company computers and copied those designs, I could then either give them to my company to give them an advantage over yours, or if working alone, I could offer to sell them to every company that competes with yours, giving them all a leg up on your company, plus making a tidy profit for myself.
While I agree that a lot of times the things put in place by IT to stop this are poor, i'm sure they would feel you do not have the right to do things that would aid me in copying those designs. To some IT departments, this includes you installing software on their computers. The fact they may be wrong is still not your task to covet and single handedly choose for them. If you think their methods are wrong, try telling them why, and suggesting a more correct approach. If they still choose to go about it wrong, then let them (and look for another job, since that company most likely wont be in business long, thus needing you.)
You may disagree with their policy, and may even be perfectly right in your reasons for it, but the fact remains it is still their hardware, their network, and their digital assets, not yours.
Taking your attitude is akin to me visiting you, sitting at your computer, deciding that the way you set it up is 'wrong', and changing that against your will.
You have every right to make wrong choices with your own property. So does the company you work for.
And if you really honestly believe it is perfectly ok for someone (you) to come in and tell someone else (the company) what they can and can not do with their own property, well, by that exact logic, you have no right to complain still, because someone (me) has by your own argument the right to come in and tell someone else (you) what YOU can and cant do with your own computer. Thusly, I say you arn't allowed to reply and complain, and thankfully, you would agree
I'm going to spend forty hours learning CADbozoCAD when most of the industry uses BozoCAD, just because your company got it a 10% discount?
We had such a maverick at my place of employment. He insisted on using software tools and other items that were not "standard" for our organization. Guess what happened when he decided to leave? We now have someone else having to learn the way that person did things so that we can convert them back to the way we normally do things so that we can get said things done.
In case of fire, do not use elevator. Use water!
He's right - you're an ass. If I saw my parents' generation reap the benefits of free education and dentistry, then stop paying for it when they got old, I'd be pissed too. It's not entitlement to expect the same deal the previous generation got. If it is, then the behavior of the boomers is just rapacious, which makes entitlement downright civilized.
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
Unfortunately this is a bad year to be preaching that particular message. My costs went up easily 20% last year, so I'll be looking to convert this potential income into something that spends in the near future.
I'll miss seeing my baby daughter at lunch, but I'll take some consolation in her not having to pole dance to pay for college.