India Ranks Highest In Flouting IT Regulations At Workplace

Seven out of 10 young employees frequently ignore IT policies, and one in four is a victim of identity theft before the age of 30, according to a global study from Cisco announced today. The final set of findings from the three-part Cisco Connected World Technology Report reveals startling attitudes toward IT policies and growing security threats posed by the next generation of employees entering the workforce – a demographic that grew up with the Internet and has an increasingly on-demand lifestyle that mixes personal and business activity in the workplace.

The Cisco Connected World Technology Report is an international study that examines the next generation of workers’ demands and behaviour involving network access, mobile device freedom, social media, and work lifestyles. The findings are key in explaining how this next-generation workforce’s behaviour heightens personal and corporate risk amid a complex threat landscape, a correlation that is spotlighted in more depth in the Cisco 2011 Annual Security Report.

The latest findings from the Cisco Connected World Technology Report reveal growing concerns for employers. The desire for on-demand access to information is so ingrained in the incoming generation of employees that many young professionals take extreme measures to access the Internet, even if it compromises their company or their own security. Such behaviour includes secretly using neighbours’ wireless connections, sitting in front of businesses to access free Wi-Fi networks, and borrowing other people’s devices without supervision.

Considering that at least one of every three employees (36 percent) responded negatively when asked if they respect their IT departments, balancing IT policy compliance with young employees’ desires for more flexible access to social media, devices, and remote access is testing the limits of traditional corporate cultures. At the same time, these employee demands are placing greater pressure on recruiters, hiring managers, IT departments, and corporate cultures to allow more flexibility in the hope the next wave of talent can provide an edge over competitors.

Key Findings

The second annual Cisco Connected World Technology Report surveys more than 2,800 college students and young professionals in 14 countries that represent the largest or fastest growing economies. It was commissioned to understand how companies must balance business needs and risk management with the next generation of employees’ technology expectations and behaviour.
Risky behaviour’s impact on identity theft rates.

Perhaps as a direct result of loosening privacy boundaries, about 32 percent college students surveyed in India have experienced identity theft. When applied to a broader pool of people, about 51 percent college students in the country said they know of friends or family members who have experienced identity theft. The following findings provide insight into the frequency of identity theft across people from different generations.

Security and online privacy

One in three (33 percent) college students globally does not mind sharing personal information online, believes privacy boundaries are loosening, or does not think about privacy, providing foreshadowing for how the next generation of the global workforce will address information online – perhaps for business as well as personal activities.

About 31 percent of employees surveyed in India have lost their mobile device in the last 12 months – score one of the highest amongst all nations surveyed. Students in India not too far behind, about 29 percent lost at least one of their mobiles devices (tablet/smartphone/laptop) in the same period.

About 87 percent of employees in India are aware of security issues when accessing corporate networks from remote locations. However, about 40 percent students surveyed confirmed lack of concern for privacy.

Adhering to IT policies

Of those who were aware of IT policies, seven of every 10 (70 percent) employees worldwide admitted to breaking policy with varying regularity. Among many reasons, the most common was the belief that employees were not doing anything wrong (33 percent). One in five (22 percent) cited the need to access unauthorised programs and applications to get their job done, while 19 percent admitted the policies are not enforced. Some (18 percent) said they do not have time to think about policies when they are working, and others either said adhering to the policies is not convenient (16 percent), they forget to do so (15 percent), or their bosses aren’t watching them (14 percent).

About 79 percent of employees surveyed in India flout the company’s IT policy all the time – score highest in all regions surveyed.

Two of three (67 percent) respondents said IT policies need to be modified to address real-life demands for more work flexibility. In India 59 percent of students expect their future employers to be open about their need to stay connected with their personal life along with work at all times. 73 percent of employees expect their companies to be more flexible toward work-life balance and allow devices and applications such as IMs, tablets and Macs.

Companies restrict many devices and social media applications. Of these, young employees said online gaming (37 percent) was the most commonly restricted application. Apple iPods (15 percent) were the most commonly restricted device.

One in 10 (10 percent) employees globally said IT policies prohibit the use of iPads and tablets, signaling a growing challenge for IT teams as tablet popularity increases. Three of 10 employees (31 percent) said social networking sites like Facebook, Twitter, and YouTube were prohibited as well.
Three of five employees (61 percent) believe they are not responsible for protecting information and devices, believing instead that IT and/or service providers are accountable.

Risky behaviour: ‘Borrowing’ wireless connections from neighbors and stores

In the old days, neighbors would ask for eggs or sugar. Now they are asking for Internet access. Almost one in four college students (23 percent) has asked a neighbor for access to a computer or the Internet, and almost one in five (19 percent) admitted accessing a neighbor’s wireless connection without permission. About one in five college students globally (19 percent) admitted standing outside retail outlets to use free wireless connections. About one in 10 (9 percent) has asked to use a stranger’s mobile phone. Overall, two of three employees worldwide (64 percent) said they had done at least one of these actions.

Risky behaviour: Unsupervised computer usage

More than half of the employees surveyed globally (56 percent) said they have allowed others to use their computers without supervision – family, friends, coworkers, and even people they do not know.
College students exhibited higher tendencies than young employees to engage in risky online behavior. In India about 31 percent of students surveyed agreed to have paid a ‘high’ fee to get internet access from a public place under desperate circumstances.

More than four of five college students (86 percent) said they have allowed others to use their computer unsupervised, indicating that this behavior is only going to become more prevalent as the next generation of employees enters the workforce over the next few years.

More than one in 10 college students (16 percent) admitted leaving personal belongings and devices unattended in public, while getting something to eat or drink at a café or going to the restroom.

The Cisco Annual Security Report and Key Findings

The Cisco 2011 Annual Security Report highlights the most important security trends of the year and provides tips and guidance to keep enterprise technology environments more secure. The Cisco Connected World Technology Report magnifies the threats outlined in the security report.
Dramatic Decline in Spam Volume: According to Cisco Security Intelligence Operations (SIO), spam volume dropped from more than 379 billion messages daily to about 124 billion messages daily between August 2010 and November 2011—levels not seen since 2007. In the month of September 2011, India had the highest percentage of spam volume (13.9 percent). Vietnam came in second with 8.0 percent and The Russian Federation took the third-place spot with 7.8 percent.

Cisco Global ARMS Race Index: Cisco’s Global Adversary Resource Market Share (ARMS) Race Index was designed to track the overall level of compromised resources worldwide and, over time, to provide a better picture of the online criminal community’s rate of success at compromising enterprise and individual users. According to data collected for this year’s index, the aggregate number that represents the level of compromised resources at the end of 2010 is 6.5, down slightly from the December 2010 level of 6.8. When the Cisco Global ARMS Race Index debuted in the Cisco 2009 Annual Security Report, the aggregate number was 7.2, which meant enterprise networks at the time were experiencing persistent infections, and consumer systems were infected at levels capable of producing consistent and alarming levels of service abuse.

The 2011 Cisco Cybercrime Showcase: The third annual Cisco Cybercrime Showcase presents two awards for 2011 – one acknowledging the outstanding contributions of an organisation in takedowns of some of the world’s worst botnets (the “Good,” Microsoft) and the other recognising the growing influence of a loosely organised group of Black Hats associated with collaborative, international hacktivism (the “Bad,” Anonymous).

“Employees joining the work force today belong to the ‘digital generation’ and are used to being ‘connected’ at all times. They expect their employers to give them unfettered access to the Internet and also the freedom to use their own devices, for both personal and official purposes. Organisations often grapple with the need to cater to employee expectations and at the same time ensure that sensitive company information is not compromised. This study will help organisations get a better understanding of employee perceptions and expectations, which in turn will enable them to alter their IT policies to suit both employee and security needs,” said VC Gopalratnam, Vice President of IT Globalisation and CIO of Cisco India.