Security Market Segment LS
Monday, 26 June 2017 11:32

Millennials stress network security

By Graeme Pyper and Ray Shaw

Millennials, a.k.a. Gen Y, Net Generation, or Generation Now. Regardless of what you call them the infamous millennial characteristics are trying the patience of enterprise network security.

They like sharing on social media, they won’t put up with a bad user experience, they want a flexible approach to work, they move on quickly if their expectations are not being met – much to HR’s chagrin, it is these characteristics that are shaping the culture of the future workplace.

With millennials now dominating workplaces around the world, they are now putting current network security regimes of many organisations to a stern test and are bringing the ever-increasing pressure for IT teams to keep an organisation’s network safe.

Gemalto Graeme PyperiTWire asked Graeme Pyper, regional director, Australia and New Zealand at Gemalto, himself not far outside the millennial definition to list the most important security issues for an increasingly millennial workforce.

  1. Social media

The question that has played with many organisations over the years – to block or not to block?

If we consider social media from a network security perspective, our favourite social channels can act as a gateway for malware and socially engineered attacks. People often share seemingly innocent links that have the potential to bring users to compromised websites.

To address this, static URL filters in Web filtering software are often used as these can block or monitor specific URLs. The category filtering feature can block entire groups of websites.

But when dealing with the millennial expectation, CIOs should look at different approaches as opposed to blocking social networks at the workplace. Organisations should consider implementing a clear social media policy and training for staff members as a start. For instance, sales staff should be reminded of the security and business risks that might result from checking in their locations at customer sites via social channels like Facebook.

The most important safeguard though is to have a robust, layered security infrastructure. It is a surer bet than having to rely on employees never erring in their clicks, taps, and swipes with their social media accounts.

  1. Know thy security layers

Layered security consists of different layers of security controls that are combined to protect data, devices, and people. This strategy is widely adopted today by many enterprises as it ensures that when attacks occur at different sources, whether at the network, application, device, or user level, they can be detected and stopped before they spread. It also offers an effective safeguard against different types of threats.

With millennials shaping workplace culture and habits, CIOs need to reassess how they are setting up each layer of protection. Consider, for instance, the growth of BYOD in the workplace. Since many enterprises are allowing employees to use personal devices to connect to corporate networks, employees are now expecting IT departments to support their personal devices with access to corporate applications like email and calendar. BYOD itself poses many new security threats.

To manage the challenges BYOD brings, businesses should look at bolstering security at the device layer. The first step to take is to shore up the devices themselves through mandating some combination of firewalls, anti-malware software, MDM solutions, and regular patching. A BYOD culture also puts organisations at risk from having their employees' devices hacked due to poor passwords, so having policies and education on strong passwords is another crucial element.

Device types can also be identified so that less secure devices, such as mobile phones, can be restricted from some parts of the network. Sessions should also be secured, such as by preventing users from visiting unsafe websites.

Similarly, defences of the user layer should also be shored up to mitigate the rising risks of internal threats. This layer is often the trickiest to manage due to the need to balance security and convenience. You can also use a variety of authentication methods to identify network users and allow varying levels of access. Instilling awareness and educating staff are important steps to take.

  1. Tackle shadow IT

Shadow IT is used to describe systems, solutions, application and services built and used inside an organisation without being sanctioned by the organisation. It’s uncontrolled nature poses a security threat and governance challenge.

If employees were using their smartphone to open a file, it is likely the phone will make a copy of the file, which could then be sent to an unapproved online storage destination when the phone performs its routine automatic backup. Your secure corporate data has now been moved to an insecure location. In the same way, the many social collaboration apps used by millennials can shift sensitive company information to insecure locations.

If you’re looking to stop the growth of shadow IT in your organisation, authorising staff stop using non-sanctioned devices and applications is unlikely to work given the ubiquity of smartphones. A more effective measure would be to instead educate users and implement technology like data encryption, access control, and traffic monitoring to manage the issue.

From a larger perspective, shadow IT happens when your staff is not happy with the solutions provided by the organisation. While CIOs may not be able to prevent staff from seeking out alternative apps for, say, collaboration, they can keep things in check by being attuned to their needs.


Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News