Businesses and organisations need to tailor their security policies to the age profile of their employees, according to a recent survey of 4,000 IT security experts.
The survey - from the Citrix and the Ponemon Institute - found that younger, tech-savvy workers were most likely to bypass IT security policies if they believed that the policies were slowing their work, and more than half of respondents (55pc) said that 'Millennials' posed the greatest risk of circumventing IT security policies.
Almost four in every ten (39pc) of the respondents said that millennials were more likely than other age groups to use unauthorised phone, tablet and PC applications while working, putting customer data which will be protected under the upcoming General Data Protection Regulation (GDPR) at risk.
The survey found that companies with older employees, particularly those born before 1965, have very different security challenges – while those employees are far more likely to abide by company security policies, a third of respondents (33pc) said that 'Baby Boomers', are at a much greater risk of falling victim to phishing and social engineering scams.
Generation X workers also posed their own challenges - the research found that many employees in their 30's and 40's were also likely to circumvent company security policies, with 32pc of respondents saying they believed this age group were the most likely to use unapproved apps and devices in the workplace
According to Citrix, one of the main conclusions from the research was that despite the rise in threats, “more employees are going around security practices and policies because they’re too complex”.
Stan Black, chief security officer at Citrix, said that the big take away from the research is the need to educate members in an organisation, and to create a 'security aware culture'.
“While these more strict regulations are being put into place, take a strategic approach, look at the big picture, educate your workforce to create a security-aware culture, and find comprehensive solutions that adhere to the unique needs of your business”, he said.
The DataSec 2017 conference takes place on 3rd of May in the RDS in Dublin.
The event will provide expert speakers, information and insight to help your business comply with GDPR and get the most out of the new legislation. Click here to book your place now.