Keeping networks safe: Security in the era of the millennials

One of the toughest gigs in IT is the job of keeping an organisation’s network safe. It is also one that is getting tougher with the rise of the millennial generation.

IT Job, organisation’s network safe, Millennials, Network Secuity, CareerBuilder, HR software, mobile phone, Internet, URL filters, Web filtering softwar, CIOs, security layers, MDM
One of the toughest gigs in IT is the job of keeping an organisation’s network safe. It is also one that is getting tougher with the rise of the millennial generation.

One of the toughest gigs in IT is the job of keeping an organisation’s network safe. It is also one that is getting tougher with the rise of the millennial generation. Millennials—those in their 20s to mid-30s—are starting to dominate workplaces around the world. The term “millennial” has many connotations. Among them: They like sharing on social media. They won’t put up with bad user experiences. They want a flexible approach to work. They move on quickly if their expectations are not being met. These characteristics will define the culture of the future workplace. They will also put the current network security regimes of many organisations to a stern test.

Here are three considerations.
Social media: To block or not to block? Many organisations have probably considered this question when it comes to their employees’ use of social media in the workplace. A study by HR software provider CareerBuilder, which polled employers from North America, found that 37% of employers see social media as one of the major productivity killers at the workplace, behind mobile phone and texting (55%), using the Internet (41%), and gossiping (39%).

From a network security perspective, social media is a vector for malware and socially engineered attacks. It is easy to ban or restrict social media sites at the network level. Static URL filters in Web filtering software can block or monitor specific URLs.

But that doesn’t mean CIOs should start blocking social networks at the workplace. A better approach is to relook at how network security is being enforced holistically. Having a clear social media policy and training for staff is a good start. The most important safeguard though, is to have a robust, layered security infrastructure. It is a surer bet than having to rely on employees never erring in their clicks, taps, and swipes with their social media accounts.

Know the security layers: Layered security, whereby different layers of security controls combine to protect data, devices, and people, is widely adopted today. It ensures that when attacks occur at different sources, they can be detected and stopped before they spread. With the changing workplace habits brought on by millennial workers, CIOs should relook at how they are setting up each layer of protection.

In particular, CIOs should look at bolstering security at the device layer. The first step to take is to shore up the devices themselves through mandating some combination of firewalls, anti-malware software, MDM (mobile device management) solutions, and regular patching. A BYOD culture also puts organisations at risk from having their employees’ smart devices hacked because of poor passwords. Having policies and education on strong passwords are musts.

Device types can also be identified so that less secure devices, such as mobile phones, can be restricted from some parts of the network. Sessions should also be secured, such as by preventing users from visiting unsafe websites. Similarly, defenses of the user layer should also be shored up to mitigate the rising risks of internal threats.
Tackle shadow IT: Shadow IT is a term used to describe the use of applications and services, often cloud based, not sanctioned by the organisation. Its uncontrolled nature poses a security threat and governance challenge.

You might also want to see this:

Consider the scenario of employees using their smartphone to open a file. It is likely the phone will make a copy of the file, which could then be sent to an unapproved online storage destination when the phone performs its routine automatic backup. Just like that, your secure corporate data has been moved to an insecure location.

In the same way, the many social collaboration apps favoured by millennials can shift sensitive company information to insecure locations. Mandating that staff stop using non-sanctioned devices and applications is unlikely to stop their growth in the organisation. Frankly, with the ubiquity of smartphones, employees are using social networks and their personal cloud apps whether your policies prevent it or not. While CIOs may not be able to prevent staff from seeking out alternative apps for, say, collaboration, they can keep things in check by being attuned to their needs.

The writer is regional director, India & SAARC, Fortinet

Get live Share Market updates and latest India News and business news on Financial Express. Download Financial Express App for latest business news.

Most Read In Technology