Younger Employees Identified as 'Main Culprits' of Security Breaches

Written by

New research from Centrify has assessed managerial attitudes towards younger employees (18-24-year-olds) and their security, privacy and online behaviors at work.

Released at a press launch event in central London yesterday, Centrify’s survey revealed that, of the 500 senior decision makers polled, more than a third believe the younger generation are the ‘main culprits’ for security breaches, with 37% stating they are too relaxed about security measures, too trusting in new technology (35%) and share data too easily (30%).

However, further investigation by the firm showed that such concerns are not necessarily reflective of real actions of younger employees, and that managerial-level workers are actually failing to ‘lead by example’ when it comes to good security and privacy behaviors themselves.

For example, the biggest worry for decision makers (44%) was that next-gen workers would misuse technology; clicking on suspicious links or removing company information via a USB stick/personal email. In fact, of the 1000 18-24-year-olds surveyed, only one in 10 admitted to clicking on a suspicious link, with just 7% removing information from the company. Conversely, Centrify pointed out that twice as many managers had clicked on suspicious links compared to younger workers, and twice as many had removed information from the company.

Likewise, 38% of decision makers worried about younger workers using corporate devices for personal use, when in fact more of them admitted to playing games on work devices (18%) than next-gen employees (15%), and one in eight used them to gamble online compared to one in 20 younger employees.

Perhaps most poignantly, although 48% of managers felt concerned about how younger employees’ social media activity might affect the organization and compromise security, just 40% of 18-24-year-olds said their company provides clear guidance around social media usage.

What’s more, according to younger workers, only 40% of employers enforce a regular password change despite 56% of managers worried about password sharing, whilst 36% said they are able to access any/all files within their business network without restriction despite concerns around the taking of company information from the workplace.

“Some may think of younger workers as always online, always ready to share information and perhaps not being as concerned about privacy or security as older workers, but we must remember they are the business leaders of tomorrow and we must help not hinder them,” said Barry Scott, CTO EMEA, Centrify.

“While it’s clear that employers are concerned about this new generation entering the workforce – and see them as a potential risk to both the business and brand – these same companies are perhaps guilty of not putting in place the right security processes, policies and technologies. If you give employees access to any information at any time from any place, or fail to enforce strict password and security policies, they are likely to take full advantage, putting both their own jobs at risk as well as the company itself.”

What’s hot on Infosecurity Magazine?