Cisco: IT Security Policies are Too Soft for Gen Y

Paul Lilly

Young employees determined to log onto Facebook or bounce around the Web are going to do so, in part because they're motivated to get online and frequently ignore IT policies, and also because the policies in place simply aren't tough enough, according to a global study from Cisco. Seven out of 10 young employees outright ignore IT policies on a frequent basis, and one in four is a victim of identity theft before the age of 30, Cisco says.

Cisco believes the high rate of identity theft among young people could be a direct result of loosening privacy boundaries. What's more, over a third of employees surveyed responded negatively when asked if they respect their IT departments.

"Of those who were aware of IT policies, seven of every 10 employees worldwide admitted to breaking policy with varying regularity," Cisco wrote in its report (PDF) . "Among many reasons, the most common was the belief that employees were not doing anything wrong (33 percent). One in five cited the need to access unauthorized programs and applications to get their job done, while 19 percent admitted the policies are not enforced. Some (18 percent) said they do not have time to think about policies when they are working, and others either said adhering to the policies is not convenient (16 percent), they forget to do so (15 percent), or their bosses aren’t watching them (14 percent)."

The report is filled with alarming statistics, such as 33 percent of college students saying they don't mind sharing personal information online or think about privacy. This attitude carriers over to the workplace, where three out of five employees believe they aren't responsible for protecting information and devices, and instead it's the IT department and/or service providers who are accountable.

Around the web