Cisco survey finds 20-somethings favor insecurity

Under 30 set turned off by "overly strict" corporate security policies

Cisco this week released results of a security survey that explored the impact of social networking and the use of personal devices in the workplace. It found that employees are regularly looking for ways to circumvent company IT security policies to use unsupported devices and applications. 

The survey also found that 71% of respondents feel that "overly strict" security policies hamper the hiring and retention of employees under the age of 30. So ring one up for the 30 and older crowd: we're less of a corporate security risk!

That second finding could open up a whole can of worms on workplace and hiring discrimination. If a 20-something feels he or she lost a job opportunity because the employer felt they'd be a potential security risk due to the perceived likelihood that they would use an unsanctioned personal device at work - here come the lawyers.

The survey was conducted by InsightExpress and polled 500 IT security professionals across the United States, Germany, Japan, China and India. The results, according to Cisco, show that consumer influence on enterprise IT is growing because more employees are bringing personal devices and applications into the office and onto the office network, presenting new security challenges.

It also shows the risks inherent in Cisco's Borderless Networks campaign. Borderless Networks is a Cisco marketing push for anytime access to anything, regardless of where information or content resides, or which device or network is used for its retrieval. It sounds like something we're all striving for yet the security ramifications are profound, and Cisco acknowledges this - indeed, the company also this week unveiled its "validated Secure Borderless Network Systems" initiative, which integrates Cisco and third-party security tools from partners such as ArcSight, Credant Technologies, EMC, HTC, LogLogic, Lumension, netForensics, Nokia,  Palm, RSA, Samsung and Splunk.

Back to its survey, Cisco found that more than half of the respondents determined their employees currently use applications not supported by the company security doctrine, including social networking, collaboration, peer-to-peer and cloud. Nearly half say employees use unsupported devices and more than one-third say they have had a breach or lost information due to unsupported network devices.

Surely there must be security applications and appliances available that recognize an unsupported application or device and restrict or deny its access to the corporate network. Network access control anyone? Maybe this survey makes the respondents more indictable than their employee perpetrators...

Because despite these trends, 53% of the respondents said they are likely to allow personal devices on the network in the next 12 months. Cisco Connection blog, meanwhile, just determined that the likelihood these respondents will be looking for new jobs within that same time period is 100% -- unless, of course, these personal devices are suddenly of the "supported" variety rather than the "unsupported" kind.

And in the "Oh, you're no fun" category, more than half of the respondents listed "social networking" as one of the top three biggest security risks to their organization, while one in five considers it the highest risk.

Why would any 20-something want to work there anyway?

More from Cisco Subnet:

Advice for networking geek newbies

CCNP Shopping Spree – What to Buy?

Cisco gaining back switching share lost in 2009

Cisco, Avaya abstain from UC interoperability forum -- for now

Juniper takes more shots at Cisco in the data center

Win great stuff from Cisco Subnet Like e-mail? Subscribe to the Cisco Alert newsletter.Cisco Subnet RSS feed

Like RSS readers? Subscribe to the

Follow all Cisco Subnet bloggers on Twitter.Jim Duffy on Twitter

Follow

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT