Consumer Influence on Enterprise IT

By Stephanie Jordan
in

Striving to understand the impact of social networking on the enterprise, Cisco conducted a survey earlier this year of 512 IT security professionals across the U.S., Germany, Japan, China and India. The results reflect, as I would expect, that consumer influence on IT is growing and that more employees are bringing personal devices and applications into the network.

“Increasingly, unapproved and unmanaged personal devices in the corporate environment are hastening the need for more intelligent security management,” believes Chris Christiansen, program vice president, Security Products and Services Group at IDC. “These ‘solutions’ must deal with the difficulty of protecting individuals and corporations, while providing a positive user experience and corporate data access from any device, anywhere, anytime.”

Exploring the security implications of consumer-oriented technology in the enterprise, the survey found that employees are consistently working around information technology security policies to use unsupported devices and applications.

Additional key findings included:

  • More than half of the survey respondents have determined that their employees use unsupported applications, including:
    • Social networking  – 68 percent
    • Collaborative – 47 percent
    • Peer-to-peer – 47 percent
    • Cloud – 33 percent
  • Nearly half (41 percent) of the respondents have determined that employees have been using unsupported devices, and more than one-third of that number said they have had a breach or loss of information due to unsupported network devices.
  • Despite these trends, about half (53 percent) of the IT respondents said they are likely to allow personal devices on the network in the next 12 months and 7 percent already support personal devices.
  • More than half (51 percent) listed “social networking” as one of the top three biggest security risks to their organization, while one in five (19 percent) considers it the highest risk.
  • Nearly three out of four survey respondents said that overly strict security policies have a moderate or significant negative impact on hiring and retaining employees under age 30.

It is not unexpected that unsanctioned tools, like social networking, are so prevalent. As the report notes, social media is an unprecedented and highly beneficial tool for many parts of an organization, especially human resources, marketing and customer service. There is a clearly a place for the technology, and it appears that users are making the choice on behalf of the organization.

“As the lines between personal and business computing increasingly blur, it is becoming clear that employees are going to use social networking and personal devices whether permitted or not,” observes Fred Kost, director, security solutions for Cisco. “The best strategic approach is to focus less on restricting usage and more on effective solutions to ensure highly secure, responsible use. These solutions involve more than technology. Organizations should develop education programs, corporate policies and best practices in order to realize the extensive business benefits of social networking, while protecting against the variety of potential threats that it can present.”

The survey results are available now.

Published July 8, 2010