In-depth

What IT security lessons can teenagers teach the enterprise?

Davey Winder looks a little closer to home to see how the enterprise can learn from his teenage son's approach to security...

Kids using tablets and smartphones

I've been involved in IT security for twenty years now, and you'd think - as a result - my teenage son would be mindful of such matters. But you couldn't be more wrong. 

My lad has absolutely no security smarts, despite my efforts, and his mistakes are all too often mirrored in the corporate world. The consequences, however, are a tad more serious than someone posting embarrassing messages on Facebook. Let me explain.

Data sharing is the main problem I have with my teen. He signs into his social media accounts on someone else's device, and forgets to logout when he passes it back.

He thinks nothing of leaving the family laptop running for 15 minutes or more while his social media accounts remaing logged in.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Unsurprisingly, this has resulted in his mates, his girlfriend and me posting stupid things under his name using his account. Worse still, he also uses the same password for his social media, laptop, and his Xbox account.

In this, he's not alone. New consumer-focused research from Kaspersky Lab suggests 32 per cent of people take absolutely no precautions when letting others use their devices and 92 per cent store sensitive information on them.

Those numbers also sound about right for the business sector. At the smaller end of the enterprise scale, device sharing is pretty common and adequate security measures are not. As you move up the curve towards larger enterprises, things improve as far as device security goes, but the sensitive data issue remains.

It's all tied into the whole Bring Your Own Device (BYOD) problem, of course, and how to control what data is allowed where, who can access it and when.

Although the BYOD has been done to death, there remains a problem whereby shadow IT exists within the enterprise and a data-centric approach to security is not in place to help mitigate the threat.

How does this tie into my teenage son's device misuse? Well, unless you get to grips with securing data itself, then users of devices will remain the weak link in your strategic security chain.

Advertisement - Article continues below

You cannot control who uses a personal device once it is out of the workplace, and you cannot control what users do with it.

If you don't get serious about data security, rather than device security, you are heading for a fall. My son, on the other hand, is a lost cause. Luckily, he has no data of any value whatsoever. I know, I've seen his Facebook feed.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020