Slashdot Mirror
Young Employees Pose Increasing Risk to Networks
buzzardsbay writes "Baseline is reporting on an upcoming survey from Symantec and Applied Research-West that confirms many suspicions about the generation gap in the workplace, namely that younger workers will use your corporate network to run most any device, technology or social networking software they can get their hands on. Dubbed "Millenials," these workers born after 1980 are nearly twice as likely to use cell phones and PDAs at work, and half admit to installing unauthorized software on their employer's computers. On the upside, the Millenials are more security aware than their older co-workers."
isn't it the company's responsibility to control their network?
- Do it but don't admit it
- Or don't it but are way less productive than their peers
I don't know how it is for the rest of the slashdot crowd but almost everywhere I've worked it's impossible to be (decently) productive using only authorized software.
The sad thing is not a matter of cost, but a matter of paperwork. Something as basic as winrar (no, let's not go into why would I want to use winanything) is impossible to get by the official channels.
Most people born after 1980 are treated like shit in the IT industry. You are taken on for pitiful wages with vague promises of future riches, squeezed for every bit of knowledge you have, then booted out when the project(s) you are working on are finished. So it is hardly surprising that people treated so shabbily don't have a particular commitment to their workplace.
Most of the highly technical and well paid jobs (system admins and the like) seem to be already taken by well established old folk, and nobody is really interested in training anybody for when they retire. Managers take IT systems completely for granted, consider IT professionals to be lowly peons, and are in for a nasty shock when the handful of people keeping their systems running leave.
If we can put a man on the moon, why can't we shoot people for Apollo-related non-sequiturs?
Looks like the title is overblown. The younger works do slightly more risky things than the older workers. However, the older workers (Gen X in this case) still do all the same things, just a little less often. None of the numbers suggest a big change in risk. A lot of the risk factors being described just go from numbers like 47% to 51%. Hardly anything dramatic.
If you want to secure your network, you need to address all the risks that are out there. Adding a little more risky behavior does not really make for any real changes is the risks to the network. Networks are always at risk from the weakest link. A 60 year old employee who happens to do something risky is just as bad for the network as a 20 year old.
First off: Worst article ever. Not just one paragraph per page...1 statistic per page? Jesus. Content to page ratio is like .001:11. And what content there is is vapid and uninteresting.
If you're an admin tasked with security, you have to assume all users are evil, so the question should be more along the lines of, "What is the problem with your process that you are allowing these users to install unapproved software?" Symantec obviously has a big stake in convincing people that they need better security (assuming that this will drive business for their crappy products), but the simple truth is that these sorts of problems shouldn't BE problems in an adequately secured network...Even your basic windows AD setup on XP is capable of restricting software installs and such.
If you're a big believer in allowing users to install whatever crap that they think they need to do their jobs, then you'll need to invest in some solid networking gear because you're inevitably going to have more problems. Otherwise, just lock it down, set up an approval process, and be prepared to deal with a zillion complaints from people who think they're experts because they did their own myspace page.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
give their passwords on the phone to whoever asks. I've seen it happen. Security is an issue that effects us all. Shouldn't single out the young people on this one.
They are more aware. They just don't give a shit. :-)
Some mornings it's hardly worth chewing through the restraints to get out of bed.
I'm in my mid-20's so I think I would fit into this "generation" gap and want to comment on this. And no, I'm not at work presently to post this, in case the inescapable irony strikes some readers.
I know some of my peers feel that simply having access to the Internet means they can use it during the workday either to take a break during the work period, not work at all or use the Internet on breaks. My friends don't do this but I have had co-workers who have and were generally disciplined and eventually fired for not doing their assigned work.
Personally, I feel that I have an obligation to my employer: 1) to do the tasks I am assigned and 2) to protect the information on their networks. I avoid using the Net at work for non-work tasks and social networks for these reasons.
This article appears to be taking a stupid slant on the statistics that have been gathered. It keeps harping about the "Millenials" (people born after 1980) when really it should say "people in their 20s". My issue is that 20 years from now, the Millenials will be in their 40s, but it will still be the people in their 20s who are the greater risk. The Millenials are not a generation of risk takers, they are currently at the risk taking age.
When I was in my 20s, I was much more risk prone than I am now (in my 40s). Back then I considered it my *right* to be able to install whatever I wanted on a computer, and would be unconditionally annoyed and offended if it was not allowed. Today I am more aware that there are reasons for most restrictions. Yes, some restrictions don't make sense, but a very many do.
This type of thinking was in more aspects of life than just computers. Back in my 20s, I would say that I drove less cautiously than I do today. I drank more heavily, ate poorly, resented having to wear a bike helmet, jay-walked more often, the list goes on. These are all behaviours that I, and most people, grow out of.
Life is like a web application. Sometime you need cookies just to get by.
I will step to put a bit of perspective on this flamefest and tell you something I heard somewhere (unfortunately I can not site but someone here will certainly correct me). The paraphrased quote went something like this:
"The difference between Americans and British is that Americans believe their country is wonderful and is the best one in the world while the reality is that it is terrible. On the other hand, Britons are always bitching about their country without realizing their life is actually pretty good".
I can tell you from my experience in the UK (I've lived in the UK for about 4 years, coming form Mexico) is that you people over here have it really easy. Shit, people can just stop working and the government will pay them money. "spare some change mate?" you see people selling the "big issue" and then they go to cash their check to get beer. That is being poor in this country. Let me tell you, you do not know what the fuck you are talking about.
For people in the UK life is really easy right now. It is, really. You have a hell lot of things which you take for granted. You whine that you can not get a free dentist. Oh shit, but you do not see that in other countries and in other times (even in your country) there is no free NHS even for a freaking Nurse.
So as other people already said, stop whining and go back to fucking work you lazy ass.
Ubuntu is an African word meaning 'I can't configure Debian'
The previous generation had free education and healthcare paid for, mostly, by older taxpayers. Now they have reached that age, they are grumpily demanding tax cuts. So who the fuck has the sense of entitlement?
If we can put a man on the moon, why can't we shoot people for Apollo-related non-sequiturs?
Why do people in this country feel so obligated to work for companies that treat them like crap?
Somewhere along the line here is some element of choice, and it's an element that people have somehow been taught that they don't really have anymore. "It's the best job I can get" or "that's how this industry works."
I don't accept that, and I don't think anyone else should. Once you're working at a certain level, probably just above the poverty line, you make a choice what you're going to do to earn money, and who you're going to work for. We all make these choices based on supporting the kind of lifestyle we want. If your entire industry works this way, and you hate it so badly, you should work in ways that don't make you miserable. That might mean adjusting your lifestyle. But seriously, find something that makes you happy and do it. Don't spend your life working for people that treat you like crap. I won't, even if it means living in a tent. I'm not for sale.
http://downwithpants.org Overthrow the tyranny of your pants
Security is not limited to their physical property. Security includes their digital assets as well.
As an example, if your company makes widget, and the staff uses computers to design said widget, to send those designs to the part of the company (or another company) who actually builds said widget, then the designs for that widget are digital assets, and are no doubt quite valuable to them.
If I as a hacker, working for another company, or even for myself, got access to your company computers and copied those designs, I could then either give them to my company to give them an advantage over yours, or if working alone, I could offer to sell them to every company that competes with yours, giving them all a leg up on your company, plus making a tidy profit for myself.
While I agree that a lot of times the things put in place by IT to stop this are poor, i'm sure they would feel you do not have the right to do things that would aid me in copying those designs. To some IT departments, this includes you installing software on their computers. The fact they may be wrong is still not your task to covet and single handedly choose for them. If you think their methods are wrong, try telling them why, and suggesting a more correct approach. If they still choose to go about it wrong, then let them (and look for another job, since that company most likely wont be in business long, thus needing you.)
You may disagree with their policy, and may even be perfectly right in your reasons for it, but the fact remains it is still their hardware, their network, and their digital assets, not yours.
Taking your attitude is akin to me visiting you, sitting at your computer, deciding that the way you set it up is 'wrong', and changing that against your will.
You have every right to make wrong choices with your own property. So does the company you work for.
And if you really honestly believe it is perfectly ok for someone (you) to come in and tell someone else (the company) what they can and can not do with their own property, well, by that exact logic, you have no right to complain still, because someone (me) has by your own argument the right to come in and tell someone else (you) what YOU can and cant do with your own computer. Thusly, I say you arn't allowed to reply and complain, and thankfully, you would agree