Senior managers often struggle to understand the next-generation workforce, be it from a cultural point-of-view or a technological one. From a CTO’s perspective, one of the principal difficulties with this divide is trying to assess and guide attitudes to security and privacy at the office. Recently, I was invited to an event in London held by Centrify, the security and identity management company, to learn about a study they did around this issue. I also had the pleasure of hearing from Woody & Kleiny, a comedy double-act famous on social media, as they talked about their approach to data and security.
Woody & Kleiny: The kids are alright
If like me, you’re not in the know when it comes to the latest who’s who in social-media, a little background may be useful. Essentially, Woody & Kleiny host comedic and entertaining content across their social media platforms, such as Youtube, Facebook and Instagram.
Working in such and new and emerging industry, it would be closed-minded to assume their business model lacked significance to the broader business community. Since beginning a few years ago they have amassed over three million followers across their platforms and have worked with major brands, taking advantage of diverse revenue streams, and most importantly, they are constantly expanding into new markets. In all honesty, they look like significant disruptors in the marketing sector.
Like any big business, they face significant risks and the pair were happy to share with the audience some of the challenges that have faced running a business through social media channels. For example, waking up one morning, while on a press trip in Los Angeles, to realise that all their content from Instagram had disappeared.
It was discovered later that they were victims of hacking. Woody said:“ At the time, we didn’t know what to do, we contacted Instagram who was amazing and luckily they could get all the content back.”
He added: “The reason is that we had been using the app in areas that Instagram was not as well protected.”
Given that lots of businesses are using Instagram for their business needs, the pair recommended that you try to get a verified account as well as use best-practice password provisions.
Another big issue with social media is the effect it can have on a brand’s reputation. The duo was also happy to share some of the hard lessons they’ve learnt in this regard. Explaining how the lost a couple of thousand followers after they posted a picture of them doing work with the Sun, the reason being that it was during their fall out of the newspapers Hillsborough controversy, something that did not go down with many in the target audience.
Woody said: “You’ve got to be very careful and selective about what content you put up.” Kleiny added: “We have a team now, so any potential content goes through a thorough process now.”
Given the rise in social media usage in the workplace, I thought Woody and Kleiny’s insights were really interesting and worth noting, after all, the lessons that they have learned should be lessons for us all.
They pointed out the dangers and risks involved with social media in the workplace, whether it be hacking, data sharing or reputational damage. Due to the interests of young people revolving around these apps, for CTOs and other IT leaders, their impact cannot be ignored.
This point brings me nicely, to the study carried out by Centrifty. With this study, Centrify set out to measure what managers think of the next generations workforce’s approach to security and discover if their assessments are fair and accurate.
Working with UK survey group Censuswide, they interviewed 1,000 UK office workers aged between 18-24 and 500 senior decision makers.
Interestingly, the survey revealed that 35% of senior managers believe that younger employees are to blame for the majority of workplace data breaches and 37% believe that they are also too relaxed about security measures.
According to the study, these concerns are somewhat overstated, and arguably, misplaced. For example, one of the top concerns for managers (67%) was employees clicking on a suspicious link or email. In practice, only one in 10 workers in the 18–24 age group had clicked on one of these links. On the flip side, 18%, almost twice as many managers had clicked on a suspicious link compared to younger workers.
The biggest infraction that younger workers admitted to was sharing passwords 16% said that they had shared passwords with colleagues while 13% said that they had done so with managers.
One of the most interesting findings is that decision-makers are not practising what they preach. In some cases, managers are nearly as likely and sometimes more likely to misuse technology
as younger workers. 15% of managers admitted to sharing passwords with colleagues. More decision makers (5%) than younger workers (2%) had been on the dark web, downloaded hacking tools or sent ransomware to someone.
More than twice as many managers had removed information from the company, while 14% had logged onto a risky website, compared to 7% of those in the next-generation workforce.
The same disparity extended into personal device usage – 38% of decision makers worried about younger workers co-opting work devices for personal use, yet more of them played games on work devices (18%) than younger workers (15%) Around one in eight of decision makers used devices for online gambling, compared to 5% of younger workers, while 6% of managers watched porn and sent sexual texts from mobile devices, compared to 2% of employees aged 18-24.
Barry Scott, CTO EMEA, Centrify, said. “While it’s clear that employers are concerned about this new generation entering the workforce – and see them as a potential risk to both the business and brand – these same companies are perhaps guilty of not putting in place the right security processes, policies and technologies. If you give employees access to any information at any time from any place or fail to enforce strict password and security policies, they are likely to take full advantage, putting both their own jobs at risk as well as the company itself.”
Social media and online behaviour
Woody and Kleiny pointed out the business value-adding potential of social media, but they also showed its risks.
Workers are going to use these platforms more and more. The study shows there to be a large gap between perception and reality in managers’ views of younger workers, along with a lack of action among senior decision makers to fix cyber security.
To avoid risks, senior IT managers need to dispell the myths and accurately understand who the real liabilities are and most importantly they need to lead by example.