Robert Stroud
VP, ISACA

I was putting up bookshelves a few weeks ago when I discovered that the package was a few nuts and bolts short of getting the job done. As a typical time-pressed executive who spends most weekdays on the road, I needed an instant solution. So I called the manufacturers’ 1-800 line, only to find out it was closed on weekends. That’s when my “digital native” son took over. A few minutes of him surfing the web served up the needed info and a trip to the hardware store got it done.

Digital natives are different than you and me. The term “digital native” is used to describe young adults between ages 18 and the early 30s and usually includes Millennials and Generation Y. They were born after the PC was invented and they’ve grown up in a world where cell phones and the Internet are commonplace. Their ease with technology offers major pluses, especially in the workplace. But this same comfort level can be a double-edged sword for their employers around high-traffic Web moments like Cyber Monday.

Texts and touchscreens trump talking

Getty Images

For companies that are open to change and innovation, digital natives are a boon. They are fluent in the technologies that enable Enterprise 2.0 collaboration, such as wikis, blogs, instant messaging and webcams.

They are confident about picking up new technologies.

They are conditioned by texting and tweets to communicate quickly and concisely, and are far more likely to type or touch the screen than talk. They share opinions freely and use social networking in interesting ways to gather opinions, crowdsource new ideas, and make purchase decisions.

For companies open to innovation, digital natives are shaking up existing notions of how we work and how technology helps us work together. All of this can create tremendous business value when organizations level it effectively.

More likely to shop from work

But digital fluency can also pose challenges in the workplace. Young adults are, arguably, too comfortable with technology, and they blur the lines between work and play. A recent survey by ISACA on online holiday shopping and workplace Internet safety illustrates where this nets out, with obvious implications for Cyber Monday and early December. The survey found that adults ages 18-34 are:

• More than two times more likely to shop online using a work-supplied computer, tablet or smart phone (39%) than older adults (16%)
• Most unsure (36%) of their company’s policies towards online shopping at work, compared to the general population (25%)
• More inclined to use their personal computers for business (56%) than older adults (47%)
• Slightly less likely to use secure browsing technology (62% vs. 64%)

The survey also found an increase this year in the number of employees who take risky actions online, such as clicking on an e-mail link or providing their work e-mail address when shopping online.

These behaviors open the door to social engineering and phishing attacks, malware, and information breaches that can cost companies millions and inflict severe damage to their reputation.

As more employees make use of portable devices such as smart phones, laptops and tablet computers, these threats can increase.

Downloading malware is also a concern when employees use the Internet for personal reasons.

Many employees may not be concerned with security controls and may not know about the potential risk to information assets that can result from online shopping expeditions, such as viruses and spyware that can affect their company’s data integrity and network availability.

Managing digital natives and workplace technology

Companies have several choices when it comes to trying to reduce the risks posed by employees shopping online at work or using work-supplied devices. They can ban personal activities outright or they can avoid issuing policies and hope that their network security technology will keep threats at bay. Or they can go for a middle ground – adopt an “embrace but educate” approach. Acknowledge the reality that employees, especially digital natives, are going to use social networking and e-commerce sites liberally and blur the boundaries between personal computers and work-supplied ones, and educate them about risks and risk-reducing behaviors.

This is not solely the IT department’s problem. Safe use of a company’s IT assets crosses many areas of the company, including the legal, human resources and corporate communication departments. To protect your company and its assets during the holiday shopping season and beyond, make sure the relevant stakeholders in your organization have come together to develop and communicate a clear and realistic policy about online behavior and use of devices. Include the reasons why to increase the chances of compliance among the digital natives in your workforce.

Then get ready to update it again in another five years. That’s about when Gen Z, an even more tech-savvy group than the current crop of digital natives, will be ready to invade the workplace.

Robert Stroud, CGEIT, is international vice president of ISACA and service management and governance evangelist at CA Technologies.