As the younger generation enters the workforce, IT is supporting more users who don’t care about policies or security.
That’s the word from a recent survey of young professionals conducted by Cisco Systems. Among the people surveyed:
- 70% said they frequently ignore IT policies
- 61% said protecting information is IT’s responsibility, not theirs, and
- 56% have allowed others to use their computers without supervision
Though it’s easy to put all the blame on those employees for not caring about security, there may be some changes IT can make that would help increase compliance with the rules. When asked why they don’t follow policies, 22% of respondents said they need access to unauthorized programs to get their jobs done, and 19% said it was because the policies aren’t enforced anyway.
In some organizations, IT departments may be able to do a better job in aligning users’ needs with their policies — as well as enforcing the rules so users know to take them seriously.
Security training might also be improved by adding a personal component to catch people’s attention. One figure that might be worth pointing to: Partially because of their lax attitudes regarding information security, Cisco found 23% of young professionals become victims of identity theft before they turn 30.