Slashdot Mirror
Young Employees Pose Increasing Risk to Networks
buzzardsbay writes "Baseline is reporting on an upcoming survey from Symantec and Applied Research-West that confirms many suspicions about the generation gap in the workplace, namely that younger workers will use your corporate network to run most any device, technology or social networking software they can get their hands on. Dubbed "Millenials," these workers born after 1980 are nearly twice as likely to use cell phones and PDAs at work, and half admit to installing unauthorized software on their employer's computers. On the upside, the Millenials are more security aware than their older co-workers."
They pose a greater risk because of unauthorized software, yet they are more security aware. Am I missing something that would otherwise make this sensical?
disclaimer: I am a "millenial", whatever the hell that means ;)
From the second slide: It's irritatingly true that many millenials can't pry themselves from their damn phones. Nobody should allow their phones to ring in class or during a date -- unless they're dope dealers, pimps, doctors, or on-call IT staff. That's why I prefer the company of mature women: they say a lot less, but what they say actually counts!
From the fourth slide: Not at all surprised to see that 59 % of "millenial" workers think they can install whatever they want, given that more of them are spoiled gimme-gimmes...but to be fair, I'll bet that older people are far more adept at trashing their home computers than millenials are at trashing any computer. How many times have you all had to reinstall your grandpappy's mangled, crapware-infested OS(which shall remain nameless...*wink*)?
From the tenth slide: how does better access to technology improve work/life balance? Does it enable workaholics to work from home during their offtime? Does it enable employees to feel "home" while fuckin' off on Myspace at work? I doubt that a significant percentage of those sampled were full-time telecommuters who truly felt a better work-life balance(read: they weren't "encouraged" to put in mass overtime just because they worked from home).
Pffft.
No, I'm not making this up. This really happened one place I worked.
My blog
What exactly does "unauthorized software" mean?
My company doesn't give me administrator privilages, but has IE 5.5 installed. They haven't told me exactly what I can or can't do with my computer (except "you can browse the web in your down-time, but don't look at porn"), but I don't think the people that immediately oversee me know enough about computers to understand installing programs and stuff (really, it's pretty amazing--they don't even know that IE 5.5 is different at all from whatever they use at home).
The computer won't let my upgrade IE, so I installed Opera and Firefox. Is this "unauthorized software"?
Now, let's go a step more complicated.
They said I can browse the web in my downtime, right. So I figured I can also download and view MIT physics lectures (yes, Walter Lewin). My computer doesn't have proper codecs to view these videos. So I had to install codecs, but the computer is very resistant to that--it took a lot of trial and error to find a codec that would install and also play the videos.
Did the larger amount of work to avoid the problems associated with a lack of administrator privileges make this "unauthorized"?
I've also tweaked the registry (this is Windows 2000) because there were several programs starting with the computer that I have no use for. "Unauthorized"?
No, its selling these things off to make a profit for the already rich. We can afford them, contrary to the propaganda that you have clearly bought into hook line and sinker - its simply that the rich would rather have the money required for themselves and let us suffer. Stop reading the Daily Mail and pay attention to reality.
If we can put a man on the moon, why can't we shoot people for Apollo-related non-sequiturs?
I'll remember this article next time that me, born in 1982 has to go round removing all the shareware games like Kyodai that all the middle age helpdesk women have decided to install on their computers because the 40 yr old manager we have thinks they should be free of security restrictions even if it causes such problems and creates security risks for the network.
Or when I'm dealing with silly amounts of calls because one 40+ yr old colleague is stood outside on their mobile phone arranging with their wife who is doing the cooking and the other is browsing holiday sites deciding where to go on holiday next.
Articles like this are stupid, they're a generalisation and where I work it couldn't be further from the truth. 3 out of 4 of our 1980s+ born workers and 1 out of 12 of our pre 1980s born workers make up our best 4 workers, that's completely out of line with the articles findings and whilst I realise you always get anomalies from statistical samples you should also not try and dress up this kind of bullshit as general fact.
In fact look at TFA, as hard as that is when it insists on jumping to the next stat before you've had chance to check the page properly I don't notice any information how solid a test base they used.
For all I know this could be put together by some disgruntled middle aged worker who actually sucks bad at his job but like many would rather blame someone else and so decided to blame the younger generation for taking his work.
Anyone know how reasonable a test base was used for this study? As it stands I could equally put together a made up study claiming older people are more likely to steal from the work place and pass it off as being fact.
Same old shit. "You are new, just accept your shitty pay and conditions and one day you will get the good job". I heard that before, and actually believed it for a few years. Then I saw the lack of progress me and all those around me were actually making. What you are saying is bullshit.
It isn't about greed, it is about respect and being paid your due. The amount you are paid for applying your knowledge has less to do with the quality of your knowledge than how long you have been with the company - and young people are rarely with a company for long because we are treated as disposable tools. In such an environment where what you produce is compensated for by a pittance just because you are young, there is no incentive to work hard. There is a significant incentive to run off half-arsed work, spend the rest of the time playing with your gadgets, and bullshit your supervisor with technical jargon - so after 4-5 years being bounced around the industry that is what I did. Doing so made me feel slightly better about my shit jobs, and made no difference to the rate at which I was turned over.
But like I said, I'm out now. I'm going into physics and hopefully a job where I can actually be respected for what I know.
If we can put a man on the moon, why can't we shoot people for Apollo-related non-sequiturs?
Izarc (because the 'authorized' WinZip sucks)
...
Firefox (One internal website went as far as to redirect you to 'this doesn't work with FF' even though changing the user agent made it work just fine).
WinAmp because yes, I am more productive when I'm listening to music.
Sametime 7.5 (Company only 'authorizes' up to 6.5, but the difference is amazing), but I guess that's a 'chat' client.
Foxit instead of Adobe
DVAssist because I type on Dvorak and sometimes other people want to use my computer. Heck I even edited the registry (GHASP) so that Dvorak was the login keymap instead of QWERTY.
Some stuff from Yokogawa so that I can remotely control a scope that I got off of their website
WinDirStat because we kept getting e-mails about our shared drive filling up and I wanted to visually see wtf was going on.
Launchy because I love launching all my programs from my keyboard (I'm a Mac user and used Spotlight/Quicksilver at home)
4T Tray Minimizer so I can move stuff off of my screen and still have it running like Matlab or Excel.
Oh and Angry IP scanner (which my virus software deleted until I downloaded the beta which has a different name) because I work with XPC boxes, Yokogawa scopes and other devices that I have to change my IP for and I want to see if the cable is working so I ping them. And sometimes they don't have the IP address written on the side of the box, so I have to ping the whole subnet.
Or an admin who has looked up the file and registry permissions required to run the shoddy software (shoddy, yes, but also provided by manufacturer and the only way to do business) and found that said software requires the admin to essentially open up the entire HKLM branch anyway, thus granting local admin privileges available in fact if not in name. Welcome to the wonderful world of car dealerships.
End of lesson. You may press the button.
I'll say that there are some organizations that are bereft of basic civility, including basic respect and cogent compensation. And I've seen a ton of impatient, fed-on-a-platter screw-offs. It's your job to deeply research an organization's ability to satisfy your goals. If they don't, get out of there. In the meantime, there's no such thing as a free lunch. Work hard because it's the right thing to do. If you can't get respect for it, move on. Apparently you did. Good for you. Don't expect technical excellence, rather, US business holds executive, then shareholder compensation first, all others can eat the rest of the crumbs.
---- Teach Peace. It's Cheaper Than War.
I'm not a 'milleniumial', I was born in the first half of the 20th century. When I work for a company, they want two things: productivity and security. Security means that I'm not going to harm the company physical property and co-workers. Productivity means that I produce more of what they sell than it costs them to pay me.
Two paracitical factors inhibit this arrangement: the IT department and the human resources (legal) department. The cousin ITs believe that they can build a framework according to their training that will make us all be more productive. The HR believe the same with a different framework. But since neither of them are engaged in the primary productive activity that makes the enterprise profitable, the inevitably screw it up. In a million little and not so little ways. So we fight back.
Case in point, in the USA the politicians and insurance companies have fucked-up the health care industry to the point where most employers will not hire people in order to avoid providing health insurance. They hire people on 'contracts' creating a class of permanent temporary workers. This is especially common in the electronics industry. We work some place for six months, then work another place for six months, etc... If we get sick, we point a gun at the head of some supermarket manager and have him give us the cash in the safe. It's the new American way, it will happen to you, so don't judge me for what I must do. I don't want to hurt anyone.
Anyway, we bring our own tools to new jobs. Our software programs that we customize and modify that will maximize our productivity. Tools like text editors, spreadsheet macros, graphics and CAD design programs. I'm going to spend forty hours learning CADbozoCAD when most of the industry uses BozoCAD, just because your company got it a 10% discount? Fuck that!
I'm going to put BozoCAD my computer that I work with. I'm going to create works and convert the results into standard formats. I'm going to ignore as much as possible any previous work done in any non-industry standard format. Is there a risk to your company network and even maybe the BSA Microsoft thugs? Possibly, but...I...don't...give...a...fuck. If you hire us and provide health insurance like all companies do in the rest of the civilized world, then I ( and the millions like me in this situation) would be more sensitive to these concerns. It's one of the unforseen issues that results from using perma-temps as your workforce.
Most production managers realize this and accept it. Most cousin ITs and dumb-as-shit Human Resources people don't. Because it doesn't fit into the frameworks that they built. But my paycheck depends on the companie's bottom line and as a production worker, I create that.
So it is a constant three-way battle between the cousin ITs (the information technology department of the company who maintain the company network),the perma-temps, and the HR lawyers. They ALWAYs believe that by firing us, they maintain control and security. But they don't provide the product that keeps the company in business. Their departments are not profit centers for the company.
So the game just goes around and around. This is why I have come to hate the IT department in any company. HR people are too stupid to be concerned with, and lawyers aren't human so don't waste emotional cycles on them.
Research won't help, because it isn't like there is a surplus of jobs. There is a consensus amongst the few employers hiring that young, qualified IT people should be treated like cattle. Yes, I got out, but I'm still pissed off that I wasted years of my life in an industry that frankly didn't deserve what I was putting into it.
I'm hoping to go into research where hopefully scientific results matter more than what looks like it might make some money. I know its a longshot, but there is little else I can do given the circumstances.
If we can put a man on the moon, why can't we shoot people for Apollo-related non-sequiturs?
I'm on a government project. None of the software we need to use is approved. IDE, debugger, sql optimizer, photoshop, etc etc. The network administrators aren't allowed to have PuTTY, nmap, etc. If the branch chief's secretary doesn't need it, they don't see why we would.
this is getting old and so are you
blog
If a piece of software needs admin privileges for no obvious reason will have lost me (and all the PCs I control) as a customer, at least until they fix their act.
After 3 days without programming, life becomes meaningless
- The Tao of Programming
sometimes one has to depend on others' passwords(with the other's consent, of course) to get stuff done
Oh no no no. I can't image a situation where someone else would have some legitimate business reason for knowing my password. Further more, I cannot imagine a situation where I'd want to know someone else's password. That's all I need, "Did ya hear? Bob got called in to the big boss's office this morning--something about 'questionable content' on one of the servers. Rumor is Bob claims someone else had access to his account."
I have some unauthorized software on my computer. Some I really can't do my job without--Oracle client and SQL-Plus. Some are just nice to have--EditPadPro, for example. (Corporate policy was obviously written for business users, not IT or IS.)
But passwords and access are entirely different story. If you don't have the credentials needed to do the job and someone is suggesting by-passing network security, it's time to suggest a meeting with that person, yourself, and that person's boss to get a clear understanding of why the situation requires a disregard for the company's security policy and all the common sense rules of network security.
Now if you don't have the required access because you didn't contact the system/application owner or follow whatever procedure is in place to request access, I suggest you bite the bullet and take the blame. I'm sure whatever consequences follow will not be as bad as if you get caught breaking into someone else's account. (An account on a company system belongs to the company. If anyone in your IT department has any sense, there's a policy against sharing accounts and passwords such that an individual employee is not at liberty to share account information. Just because someone gives you their password does not mean you are authorized by the company to use their account.)
replying as anon, since anything vaguely anti-leftist seems to get modded down into oblivion here.
On "socialism security", you're absolutely right. It will be dead and gone by the time any non-baby boomer reaches eligibility ( esp. once they raise the eligibility age to the high 80's to stave off collapse ).
The basic problem is there's fewer and fewer people in each generation after the boomers, and the boomers ( along with everyone else ) is living longer. Thus, more people taking out of the social service coffers with less people paying in.
Soon enough, the government could tax everyone at 90% and they still wouldn't have enough money to pay for all the existing social programs. Exceptions might be places like Norway, where they can use profits from oil to prop up the social spending.
So, even if it's impossible for someone to make it on their own as the g/p suggests it looks as if we'll see that theory put to the test.
Given demographics, it seems inevitable that the social spending of western nations must collapse.
he chose to blame insurance blah blah... but the fact of the matter is temp agencies ARE becoming massive massive employers for white collar jobs. the early temp agencies were for blue collar jobs, but now it's spread to white collar jobs and, yeah the company usually doesn't hire you because replacing you with another temp instead of hiring you is 'cheaper.'
I have heard of many many places that now use temp agencies almost exclusively. The reason why white collar jobs are going to temp agencies, is because they can staff the positions like lightning and have them ready to be restaffed when the people have been on contract too long, and you get a really good idea of where to put certain people because of the tests the temp agency runs... I know some of this stuff can be done with a normal HR department, but it boils down to cost, temp agencies get the worker to do the same job for less pay, even when the temp agency takes a certain cut of that pay.
https://www.gnu.org/philosophy/free-sw.html
In other news:
"That's not our problem", says area CIO. "Our problem is educating our helpdesk, that if someone calls and says he's an employee and needs a new password for his account, they shouldn't just give out a password without further identification. "
Seen it happen in three companies in the last 5 years. Each company with more than 2000 employees & one of them a fortune-500 company.
You can attach boosters to anything. It just costs more. -
Anonymous Coward on Sunday November 07, @12:26PM
It's not just cost. It's skill.
You can't actually hire someone straight out because once you're do, you're basically stuck with them and the lies they put on their resume to get the job.
Contractors who are any good get hired permanent once a company realizes it. And by "good" I don't just mean good technically - gods know there are plenty of assholes who can code pretty well. It's personality and compatibility with other human beings. Note that the great-grandparent ranter who started this fails in those regards. HR (who are also shockingly just trying to make a living) are too stupid to even respect? Buh-bye.
I'm willing to bet that the vast majority of "unauthorized software" are things like chat clients, media players, RSS/Weather update notifiers, games and software for personal devices (iTunes etc).
I'll bet I'm not the only one that carries a flash drive filled with very useful, PORTABLE APPS (and bless the people that create them!) I can run them without any permission because they don't need to install. How about things like Gimp and KompoZer so I can get my job done better and faster? The only "legitimate" graphics editor I can have installed is a very old version of Photoshop which costs $$$ and FrontPage is the only "official" HTML editor.
That's part of the problem when they really tighten things down. Sometimes it's about what software is allowed even if you pay for it. The smaller companies can have the advantage over the larger ones as they are usually more flexible--so you can get the tools you need, as long as you have the budget. The large ones tend to get a set of standard software (i.e., MS Office) and getting anything else (including MS Access) is like pulling teeth. They forget not everyone does the "stadand" type work of spreadsheets and memos.
Also none of the companies I've contracted for have gone to Firefox as an alternative (or IE7 for that matter). Even when they have a web site that's undoubtably being viewed by others using something besides IE6 (and I'm part of the team responsible for the web site.) So it's nice when I can use my browser to view pages...if the network allows.
If you've never been modded as "flamebait" or "troll," you've never tried to argue a minority viewpoint here!
Yes, you were. The baby boomers. Us gen-X-ers watched them take over everything on the grounds that youth and social position should not be discriminated against, cement themselves so firmly into positions of power that nothing can dislodge them, and then kick away the ladders they found so useful on the grounds that age and achievement should not be discriminated against. You lot are the second generation they've shat on - they practised on us, and we were so stunned by the sight of our future being flushed down the toilet that we let them get really good at it. Sorry about that... on the other hand, you guys have at least grown up without the memory of hope.
No need for docs, just a need for regmon and diskmon and a couple hours of time to mess with it. Of course, that's assuming that the software doesn't just cycle through all the HKLM keys until it finds the one it's looking for...
End of lesson. You may press the button.
I don't think it is fair to make such a broad generalization.
It depends on the person. I have had plenty of very technical people
in non technical positions. It is the halfway ones that give me a problem.
Someone that is savvy will already know how to gain
administrative rights on a Mac Laptop, and won't have to ask. The truly savvy ones
almost never call for support unless a piece of hardware has failed.
Tales from the trenches:
I was working desktop for an advertising agency around the time that p2p was
becoming VERY popular (edonkey, kazaa, etc). Each summer we would get a new
batch of college interns. You could bet on 2 things, the girls were cute, and the
boys would barely even pause to call their moms before installing their favorite
p2p platform.
At my next company we discovered a guy running around after 6 pm starting edonkey
on every computer in his department.
It wasn't long before hair trigger p2p client detection was installed.
music lover since 1969
Don't get me started. Bunch of damn photographers didn't want to have to keep plugging their laptops in. We set up wireless for all the salespeople, but the photo people were too far away to get it (and didn't have the budget clout to get the corporate-mandated cisco hardware), so they try to set up their own without telling anyone.
First thing I know of it, I come in and see that there is another DHCP server on my network, and that it's running a 192 subnet, AND that there are damn 15 users...The router was sitting on a window ledge and the people at the coffee shop three doors down were logging on to it because the bandwidth was better.
To say I lost my shit would be an understatement. I'd locked down all the "public" ports, so someone couldn't just sneak into the building and plug something in in a conference room, but I hadn't locked them all down because it was too much of a p.i.t.a. After that I had to, and register every MAC address, which pisses people off of course, because it adds a big headache for everyone who brings a laptop into the building and just needs internet access, but if you can't trust people to obey the rules...
I tout it as a proactive security measure, but it's really just another headache with little benefit. I tried setting up an internet only subnet for all the ports that people only used occasionally, but it was more trouble than it was worth.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
I was going to comment on this thread, but you hit the nail on the head. I work for the "evil" fortune 500 large corporation. Same situation. We get a lot of resumes, a few look like they might be a match technically, and then even fewer have the personality to work in a corporate environment. We almost exclusively do try-to-buy contracts here for that reason, usually 6 mos to a year before someone will get hired on full-time. It's a two way street also, sometimes after 6 mos they want to run screaming from here. We've gotten to the point where we are usually willing to sacrifice technical expertise for personality. We can overcome just about any technical obstacle, however the rogue @ssh0le programmer that can't and won't work well with others is virus to the organization, especially considering it takes an act of congress to fire anyone anymore.
Maybe... just maybe... you have a point. But if so, the boomer generation should emphatically NOT be saying Gen X and Millenials are lazy self-entitled pansies. Instead Boomers should be saying - We're sorry, we collected more intergenerational economic rents than we should have, and kept doing it for too long. We are the arrogant and greedy generation. Now that we are "rich" on our children, grand children, and great-grand-children's backs, how can we transfer some of that wealth back to later generations and ease your transition into economic sustainability?
Ok, I am 26 and fit into this category.
I am a unix (solaris, aix, linux) systems administrator and my job is being the darth vader of unix land essentially. That being said, yes, I installed unauthorized software on my windows workstation.
The software? Firefox, putty, cygwin, gvim, winscp.
Un-authorized? Sort of, but only if I can't prove it doesn't apply to my job. If your policy doesn't allow people to install tools they know to be useful to their job, your policy is wrong. Now since I am an admin of sorts, i can understand the iron fist reasoning for tracking what is installed and where. But the same reason I need putty is the same reason I as an admin can't sit there and easily judge if user xyz really needs app foo.
A chat client? Yeah, good luck convincing me on that, but installing emacs or gvim to edit files? As long as you ask beforehand why not? Then I know, and more importantly I know who installed app xyz. Isn't IT supposed to be a cooperative venture and not adversarial?
I can't imagine I am alone being my age and with this attitude here. But whatever, flame away.
mod parent up. it's not a troll it's the clearest explanation of the problem with the OP in the thread.
Things change. I don't treat my youngest son exactly the same, nor provide for him exactly the same, as I did his older brothers. Partly because he's different, partly because our environment is different, partly because *I'm* different.
I'm guessing the OP is old enough to vote. Part of the problem then?
Damburger- as to respect. If you require every interaction to prove deserving of respect then you'll forever wander a lost zone where nothing is real. You sense this and you call it cynicism. It is not. It's just simple misanthropy.