More millennials are entering the federal workplace and potentially leaving the back door wide open when they come in, according to a new white paper by cybersecurity developer Forcepoint based on a survey from tech marketing and research agency LaunchTech.
According to the study, millennials (born between 1977 and 1994) are projected to occupy 75 percent of the workforce by 2025, and their relationship with technology poses risks and challenges for federal IT systems.
A vast majority of the several hundred subjects surveyed were not interested in jobs with restrictions on devices, applications and social media platforms, with two-thirds using personal devices on and off the job. At least a third of those install third-party productivity apps and access work systems after hours, and not all of them inform their agency IT departments.
Password sharing is not uncommon among millennials, and only a third of those surveyed said they used secure passwords for all accounts, with over 40 percent using the same password on multiple systems. At least 20 percent have used public Wi-Fi to make financial transactions and, unsurprisingly, 50 percent admitted to having a breach or infection in the past two years.
Agencies that want to benefit from the digital efficiency of millennials must be able to adapt their monitoring and training systems to the blurred lines, sharing economy and unintentional insider threats of tech-savvy, potentially security-lax digital warriors. And government chief information security officers surveyed say most of what is being done to attract and adjust to millennials is flexible scheduling and tailoring corporate devices.
The report recommends agency leaders set a cybersecurity posture balancing a positive tone with appropriateness training, establishing mission-specific policies clearly written in fresh language. Training points should be regularly reinforced, and reports on incidents and consequences should be shared to encourage positive behavior. Intelligent sensors should be deployed for end-to-end network monitoring, and system admins and privileged users should be watched for unusual behaviors, but employee-privacy advocacy should simultaneously foster trust. And standards for interacting with contractors should be equally clear and maintained.
The entire report can be viewed on Forcepoint’s website.
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/4OAWGSQZCZHV7HCETMWV3FRK6E.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/D4ZJIEJ57ND2JLJL4JRIFSL6DI.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/5NCHYNDXTJC53HZAQTPQGVLF3I.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/SD73AWGNQJFADGUUATNYHLWN2A.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/ZH264NEBTNDCZF65QMNOLPQDHA.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/WFC36ILXGJACXAVJPGN3EWJQPU.jpg)