Look beyond the usual suspects for threats to the network

Look beyond the usual suspects for threats to the network

Article Type: e-HR From: Strategic HR Review, Volume 12, Issue 5

How technology is changing the way HR works

Graduates, first jobbers and those in the early stages of their career are often the first to find the finger pointed at them from on high when threats are identified on the corporate network. As the face of “Generation Y,” they are seen as the digital natives who disregard the potential for threats, damage and data leakage, and the HR and IT departments keep a watchful eye on their behavior.

However, research from Easynet has unearthed startling figures that show monitoring departments need not be looking at the more junior members of the company when assessing the potential risks entering the network. Instead they should be looking sideways and upward at C Suite executives and senior management.

DIY technology prevalent

The research would suggest that there is an emerging trend of employees taking on “do-it-yourself” IT – the technology has become mainstream through the consumerization of IT in business, and everyone thinks they can now manage it themselves. Employees may install their own preferred browser rather than a company-standard, or they might try and uninstall certain applications to create more space on their laptops which are actually critical in terms of virus protection – therefore exposing their business to risk. What this highlights is the prevalence of company-wide threats, and demonstrates the need for an education program on bringing apps into the business.

The research discovered that the majority of applications are being brought onto the network by the higher echelons of the business, rather than by grads, interns and junior employees. Indeed, the findings revealed that even in the introduction of “recreational” (and thus not work critical) applications coming onto the network, C-Suite executives (28 percent) are only marginally behind graduates (33 percent) and interns (30 percent) in taking responsibility for them.

C-suite contains the worst offenders

New technologies and hardware devices are no longer solely the doyenne of the gadget obsessive young professional, and recent years have seen tech-savvy senior managers leading the way with adoption of tablets and smartphones. This may be due to their increased disposable income relative to Gen Y; it may be due to them perhaps having a family all using this “parent” device in the home – either way, the entry of such devices, and the apps upon them, is a major security threat to the corporate network.

The development of mobile devices and tablets becoming media devices is also fuelling this trend – for example, the research found that 33 percent of respondents advised video apps are brought into the workplace by C-Suite executives. Work-related apps, despite being brought in by all members of the company, are also being primarily introduced by C-Suite and senior management – they account for 42 percent of VoIP apps (compared to 29 percent for graduates), and 42 percent also for collaboration tools, (again, graduates follow closely behind with 36 percent).

From BYOD to BYOA

So, just as businesses are getting to grips with the spectra of Bring Your Own Device (BYOD) and the threats that multiple, non-network based devices bring, they face this new challenge with the onset of “Bring Your Own App” (BYOA). The challenge now faced in managing and tackling data management and security threats across the network becomes almost impossible, with not only the devices posing a problem, but also the apps and services within them, adding another level of data security monitoring with which to contend.

Targeting individual devices themselves is simply too monumental a task to undertake, let alone targeting the apps held on them, and with the increasingly short developmental timescale between product launches (Apple’s next generation iPad followed a mere six months after the previous flagship), becomes an almost Sisyphean task. Equally, trying to establish a rigid perimeter-based network solution can hamstring the agility, flexibility and dynamism a modern business needs in the modern age. Putting such a ring-fence in place will cause issues with remote access, remote working and some cloud-based services used by employees, so this is not an option either.

It is a people issue

What is necessary is to get to the source of the BYOA and BYOD influx, namely the staff across the company who want to have their devices, their way – but on the company’s network. An educational program outlining the dos and don’ts of Bring Your Own Everything will help set universal standards by which every employee is expected to adhere, and will outline a “leave it to the experts” maxim that all employees must follow.

Combining this with an intuitive, flexible network solution will mean there is no single source that everything depends upon, and thus no single point of weakness. Instead there is a structured and reliable corporate network, combined with an educated and trusted workforce that clearly understands the limits of what can and Cannot be brought to the network.

Justin FielderChief Technology Officer at Easynet.

About the author

Justin Fielder is Chief Technology Officer at Easynet, responsible for strategic direction, technical strategy and the global product portfolio. He joined Easynet in 1997 and held a variety of management positions within the technical, pre-sales and operational areas of the business. After the acquisition of Easynet by BSkyB in 2006 he became director of Sky Network Services, followed by director of Research Development and Customer Technology. He rejoined Easynet in July 2009 in his current role. Prior to his 12 years at Easynet, he worked at various GEC-Hirst Research companies. He graduated with an upper class BEng in Electrical and Electronic Engineering from Brunel University. Justin Fielder can be contacted at: justin.fielder@easynet.com