Never Trust Anyone Under 30

Security | Blog Post | Charlene O'Hanlon, Monday, June 28, 2010
Cisco Systems, security, User Policies

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20
Previous Next

Click through to see more findings from a recent survey by Cisco Systems.

Cisco is sharing the results of a survey about the overall state of network security in the enterprise worldwide.

The survey – the results of which were announced in conjunction with the announcement of its partnership with other vendors to create validated secure borderless network systems – looked at the security processes of companies in the United States, Germany, China, India and Japan. Specifically, the survey delved into the IT security issues related to tracking vulnerabilities and policy enforcement in the corporate environment.

More than 500 IT decision makers from the five target countries took part in the survey. Interestingly, security in the United States, China and India is achieved using a multipronged approach, with companies incorporating more than one technology to track vulnerabilities. But despite the greater attention to security, respondents from these countries regularly find employees are using unauthorized devices or unsupported applications on their network, resulting in information loss.

Social networking was the largest offender, with 68 percent of respondents reporting unauthorized Facebooking (or other online socializing).

What may be the most telling findings, however, are those that show how important security issues are relative to hiring and keeping good employees. The survey reveals a feeling among its respondents, especially those in China and India, that overly strict security policies can have a negative impact on the hiring and retention of employees who are under the age of 30 – a whopping 71 percent, in fact.

And yet, more than half of the survey respondents said they would allow personal devices on the corporate network within the next year, despite the potential security risks.

Both of these statistics show that many IT decision makers are apt to turn a blind eye to seemingly non-threatening but nonetheless real security breaches in the name of employee satisfaction, especially those employees under 30. Do they think employees over 30 are the only population posing a security risk? What is it about employees under 30 that makes them immune to security policies and impervious to scrutiny?

I can understand that younger employees may be perceived to be more in tune with cutting-edge technologies, but that’s not always the case. Sometimes, experience is the greatest teacher. And experience is the one thing many of these under-30 employees lack.

It seems counterintuitive to implement tight security policies and turn around and ignore them to keep employees happy. Ensuring the security of corporate information should be the IT decision maker’s highest priority.

Comments (10) Bookmark and Share

Comments

Security
Wed, 2012-01-11 15:37 — Business Intelligence (not verified)
How is Facebook resulting in "information loss" exactly? Overly aggressive security measures will probably upset most employees, what is the ratio for over 30 year olds?
Under 30?
Mon, 2011-11-21 16:24 — ISO-9001-Consulting (not verified)
My experience may be different on the under 30 issue. Most of the 20 somethings in my business are more to be trusted than the 50 somethings. However this my not be true for all countries.
Its not under 30 its the executives.
Thu, 2011-09-29 09:18 — Anonymous (not verified)
Sorry, Its not the under 30 that cause the issue with breaking security to adopt the "new shiny tech toy" or get access to the new cool website. Time and again its the executives who have the disposable income and buy some thing like the iPhone or iPad over a weekend then show up Monday and demand to IT and Security that it works on the corporate network. They come in and demand to dork up security and put your job at risk based on elite privilege. Seriously, there have been hundreds of articles to this point. So in reality the failure starts at the top and everyone says "me too" and everything collapses from there. Really... how disappointing.
Netbook Brands
Sun, 2011-06-19 18:04 — Tusabanna (not verified)
Help me! I am posting this message from my friends computer because I feel some traffic at this site, I see people are reading this site. My computer broke! My NOTEBOOK broke. I was looking at many places and I am so confused what to select. I don't know much about COMPUTERS, I feel so dumb and don't know where to BUY REFURBISHED COMPUTER. I found fashionlaptops.com (you can see it here, direct link - "LAPTOP") - but they have so plenty of them so I am really confused what to buy. Can you please help me and tell me what to buy? I just did not see other stores then fashionlaptops.com site with a big choice. Please help to select something good and cheap. Thank you!
WOOHOO!!
Mon, 2010-08-09 07:57 — Anonymous (not verified)
I am over 40 so does that mean i should be trusted??? ROTFLMAO even I dont trust me :D the Bouncer
What a survey
Wed, 2010-07-28 14:47 — Calimero (not verified)
This is a valuable information for our security guys and worth to pay attention http://www.business-intel...
Thanks for making a broad
Wed, 2010-06-30 09:53 — Anonymous (not verified)
Thanks for making a broad sweeping statement about all of us who are under 30. I cannot express how much I appreciate you making the claim that I should never be trusted. Now that I have that out of my system, you're a fool. I work in Information Security and I have seen people of all ages do the things you discuss in your article. Stop making silly generalizations and write a real article.
Don't worry 'bout it, broad
Tue, 2010-07-06 14:11 — Old Fart (not verified)
Don't worry 'bout it, broad sweeping statements are the norm. You'll get used to it as you get older ;-)
Missing the point
Wed, 2010-09-01 13:05 — Anonymous (not verified)
Everyone here is missing the point. The article doesn't do a good job at making its point either. It is all about the processes or systems you have in place. This is more evident in business but can apply to personal security as well. Clear policy procedures. Many small business lack security because the people are the system. (ie. If John Doe has X amount of things to do and John Doe doesn't come to work. X amount of things don't get done.) In a larger company the people work for the system. (ie. If John Doe has X amount of things to do and John Doe doesn't come to work. X amount of things get done by someone else.) Alright already what does this have to do with security. Well, policies and procedures, falls under the systems the company has in place for its employees. They nailed it on the head with the title of the article and the short first paragraph. After that i think was a bunch of confusion. Sure the younger generation is going to be on Facebook, twitter, etc more than the older. However, if you have a policy (or process) in place that holds these employees accountable for their actions then you will make out better than if you told them just not to do it again. Age will not be a factor here it will be who is using facebook??? I don't think I was a clear as I should have been but I think everyone gets the point. Live life!
Thanks for the knowledge, and the education!
Wed, 2010-06-30 09:15 — Anonymous (not verified)
Believing that life is full of opportunities to grow and prosper, I embrace the knowledge of many sources, and thank you for these wise lessons. I am a subscriber to the free info you provide, and consider it one of the best freebies available, right up there with these: "Free, Libre, Open source Software" at SourceForge.org Distrowatch.com livecdlist.com Linux.org GNU/Linux BSD.org

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <b> <i>

More information about formatting options