Graduates, first jobbers and those in the early stages of their career are often the first to find the finger pointed at them from on high when threats are identified on the corporate network. As the face of ‘Generation Y’, they’re seen as the digital natives who disregard the potential for threats, damage and data leakage, and the IT department keeps a watchful eye on their behaviour.
However, research has unearthed startling figures that show the IT Director need not be looking at the more junior members of the company when assessing the potential risks entering the network, but should instead be looking sideways and upward at C Suite executives and senior management.
The research discovered that the majority of applications are being brought onto the network by the higher echelons of the business, rather than by grads, interns and junior employees. Indeed, the findings revealed that even in the introduction of ‘recreational’ (and thus not work critical) applications coming onto the network, C-Suite executives (28%) are only marginally behind graduates (33%) and interns (30%) in taking responsibility for them.
New technologies and hardware devices are no longer solely the doyenne of the gadget obsessive young professional, and recent years have seen tech-savvy senior managers leading the way with adoption of tablets and smartphones.
This may be due to their increased disposable income relative to Gen Y; it may be due to them perhaps having a family all using this ‘parent’ device in the home – either way, the entry of such devices, and the apps upon them, is a major security threat to the corporate network.
The development of mobile devices and tablets becoming media devices is also fuelling this trend – for example, the research found that 33% of respondents advised video apps are brought into the workplace by C-Suite executives. Work-related apps, despite being brought in by all members of the company, are also being primarily introduced by C-Suite and senior management – they account for 42% of VoIP apps (compared to 29% for graduates), and 42% also for collaboration tools, (again, graduates follow closely behind with 36%).
So, just as many IT Directors and managers are getting to grips with the spectre of Bring Your Own Device (BYOD) and the threats that multiple, non-network based devices bring, they face this new challenge with the onset of ‘Bring Your Own App’ (BYOA).
The challenge now faced in managing and tackling data management and security threats across the network becomes almost impossible, with not only the devices posing a problem, but also the apps and services within them, adding another level of data security monitoring with which to contend.
Targeting individual devices themselves is simply too monumental a task to undertake, let alone targeting the apps held on them, and with the increasingly short developmental timescale between product launches (Apple’s next generation iPad followed a mere six months after the previous flagship), becomes an almost Sisyphean task.
Equally, trying to establish a rigid perimeter-based network solution can hamstring the agility, flexibility and dynamism a modern business needs in the modern age. Putting such a ring-fence in place will cause issues with remote access, remote working and some cloud-based services used by employees, so this is not an option either.
What’s necessary is to get to the source of the BYOA and BYOD influx, namely the staff across the company who want to have their devices, their way – but on your network. An educational program outlining the dos and don’ts of Bring Your Own Everything will help set universal standards by which every employee is expected to adhere, and will steer away from pointing the finger at the usual suspects at company-entry level; usual suspects that research has shown are not the primary guilty party.
Combining this with an intuitive, flexible network solution will mean there is no single source that everything depends upon, and thus no single point of weakness. Instead there is a structured and reliable corporate network, combined with an educated and trusted workforce who clearly understand the limits of what they can and can’t bring to the network.