In a recent ITworld article Shane Schick and Jennifer Kavur write that toothless enforcement of IT usage policies leave CIOs two choices: Prepare for Gen Y to ignore the rules or show them some tough love, according to a report from IT World Canada and Harris/Decima.
The fallout from ignoring the CIO isn’t great, according to “Freedom to Compute: The Empowerment of Generation Y”, which says 90 percent of Gen Y workers have suffered any consequences for bypassing policies. None of them have been fired for it. Seven percent said they didn’t know if repercussions even exist.
Freedom to Compute polled more than 1,000 workers between the ages of 18 and 29 about their attitudes towards IT, and got reaction from CIOs and CEOs in order to explore the technological generation gap.
Harris/Decima vice-president Lise Dellazizzo pointed out that ignoring IT usage policies can be highly damaging to companies and include accidental or malicious leaks of customer data outside the company, misappropriation of IP, misappropriation of competitive information and other breaches.
“By virtue of the fact that they are using more technology, that they’re using a greater number of applications, means that there’s a higher likelihood that there’s more vulnerabilities and there’s more threats that could compromise those vulnerabilities — just on a sheer numbers game,” said David Senf, director of Research, Security and Infrastructure Software at IDC Canada.
Gen Y does not necessarily bring more security concerns than other employees, said James Quin, senior research analyst at Info-Tech Research Group. “I think they bring different security concerns than other employees…with the introduction of the Internet and Internet access at work, people learned they can use the Web to waste time…the difference between Gen Y and the generations that went before them is the sites they are going to waste that time,” he said.
Dellazizzo said the responsibility for enforcement is clear: the CIOs are at the front of the line. “If senior IT assumes responsibility, take ownership and demonstrate the importance of establishing and respecting computing security and usage standards — this in itself will make an impact,” she said.
“Behind the front line is HR, who must enforce these policies and implement repercussions that are appropriate; and, perhaps most importantly, the actions both from IT and HR must be clearly supported by the CEO.”
Popularity: 65% [?]