If the “buzz” is what you believe in, it would seem that millennials are here to overtake the world. All the marketing in the world seems to be directed at millennials. They’re the ones who’re seemingly the most desirable component of any workforce. You switch on the television, take a walk in the park, visit the cafeteria of your office at peak hours and you’d notice a vast difference in the ways and methods of millennials, as compared to that of baby boomers and Gen X’ers. The generations not only look different, they think different. And while these generational differences can help spark a diverse and creative workforce, they can also cause an IT security gap. This guide, be assured, is not at all about bringing out the highs and lows of the behavioral aspects of different modern generations. We’re going to consider the implications of at least three different generations working together in modern enterprises, specifically in the context of IT security.
Implications of workplace diversity: IT security gap
What’s the need for this? Isn’t IT security management a big enough headache already? Am I supposed to even be bothered about how workers from different generations interact with IT systems? These are valid questions. However, to help you appreciate the drastic differences in how different age groups interact with IT systems, and what it could mean for IT security management, we’ll present some insightful findings from a recent collaborative research study conducted by Ponemon Institute and Citrix.
- GenX’ers and millennials are the likeliest to be negligent toward IT security policies (30% and 25% respondents).
- The average millennial is more than twice as likely to use an unapproved app or device in the enterprise network as compared to a baby boomer.
- Baby boomers are highly vulnerable to social engineering-based identify thefts and phishing attacks.
- Baby boomers are the most unaware of techniques of protecting confidential and sensitive digital information.
There you have it; we hope you’re on-board now. Let’s explore the different tools enterprises can use to manage IT security threats accentuated by the reality of highly diverse workforces, and their highly diverse behaviors toward how they follow security protocols, thus creating an IT security gap.
Contextualizing IT security policies for groups of users
What’s the No. 1 reason anybody contravenes or ignores security policies? It’s because too frequently, enterprises just go for security policies that reflect the highest risk scenario without acknowledging that such a choice automatically imposes a lot of constraints of applications access, which negatively impacts productivity. This is where the need to contextualize access controls comes to the fore.
- The security rules must take into account the role of the user and the task at hand, apart from the device, network, and location.
- Using multi-factor authentication can help enterprises ease out access to applications, provided users log in via MFA.
- Instead of automatically denying data access requests on mobile devices, IT security policies should be smart enough to analyze the endpoint, and if deemed secure, allow the access.
Streamlining network security without suffocating the idea of remote work
Gen X’ers and millennials cherish the idea of being able to work from locations other than their office cubicles. Millennials, in particular, hold the flexibility of being able to work remotely with high regard. Naturally, the modern enterprise has to accommodate these expectations.
BYOD has witnessed tremendous adoption in the past decade and added another dimension to the idea of remote work. Enterprise mobility has become a key enabler in ensuring productivity. However, this poses challenges for IT security teams, because they’re now tasked with the responsibility of keeping all kinds of networks, applications, and systems secure, even when employees access them from a variety of devices and geographical locations.
The idea of contextual access management has its applications here. An example — allowing SaaS applications to be used natively within the enterprise network, and automatically routing out-of-network access requests to virtualized environments for more safety. In fact, SaaS solutions are the best foot forward, because cloud solution vendors take care of IT security aspects while ensuring that authorized users are able to access and log in to systems from anywhere in the world.
Monitoring and analytics of applications’ and network resources usage
Security is an active function; there will never be a standalone tool or policy that can solve all security issues. This is where the need to constantly monitor and collect individual user-level data becomes important. End-to-end app traffic visibility along with accounting and auditing of resource access — that’s the foundation of wholesome enterprise IT security.
For employees who seem to be engaging in risky behaviors, and for those whose usage patterns show a sudden change, such a monitoring mechanism acts as the early warning indicator that can prevent a highly compromising cyberattack. In most cases, it might turn out to be a harmless anomaly. But look at it in this way — in the very least, this will act as a reminder to that excitable millennial employee that IT is watching every move, and will motivate him or her to align actions with the best practices laid down by the enterprise. That’s a good step in closing your generational IT security gap
Increased awareness of IT security practices and implications of breaches
In the first half of this guide, we highlighted unique aspects of each generation’s IT interactions. This should be a strong base for your IT security teams to send out highly relevant communications on the best practices expected to be followed, known risks that need to be mitigated, and also the implications of how single careless action by a careless user can create a dangerous IT security gap.
Security for the ages
Multi-generation workforces can help foster success for any enterprise, particularly because the kind of synergies that can be nurtured via the coming together of unique aspects of working styles across generations. Cross-pollination of ideas, practices, and viewpoints becomes a guiding force for innovation. IT security can act as the magic glue that makes sure there are no leakages in this ecosystem, at least in the form of security issues.
Photo credit: Shutterstock