"Since Nov. 5, three separate studies -- from Accenture, Intel, and ISACA, a major IT users group -- have indicted the youngest generation of employees as one of the enterprise's newest and most serious security risks. People under the age of 28 -- sometimes called Generation Y and sometimes called Millennials, depending on how you define the category -- are engaging in online behavior that could expose their organizations to data leakage and information theft, the studies say."
For CIOs, these findings raise a number of questions that need to be addressed pronto:
With regard to what needs to change, the Dark Reading piece says some CIOs are deciding to update their policies to match the new times, rather than insist that their younger employees step back from using new technologies in accordance with traditional rules:
"Interestingly, the Intel study suggests that many IT organizations are changing their behavior to accommodate the younger employees, rather than the other way around. Nearly 30% of the IT pros surveyed said they have changed their IT policies to meet the demands of Gen Y, allowing employees to access their work e-mail from noncompany smartphones or other devices and, in some cases, relaxing their rules surrounding the use of social networking sites."
This challenging situation represents precisely the type of unprecedented choices global CIOs will have to make as business models and associated business behavior begin to change at the pace of technology. In that context, it seems like the right approach is to lean into the trend and embrace these new approaches rather than trying to pretend that rapid and jarring change won't affect your company. Anyone out there know of companies that are trying to harness rather than stifle the cutting-edge insights, approaches, and innovations of young employees?