March 26, 2015|
When Company Data is in the Hands of Snapchatting Employees
Data has quickly become human, thanks to accessible, smart technology and social networking platforms. One could argue almost too human, given the serious data security issues we face today. We’re boldy wearing it all on our digital sleeves — people everywhere are voluntarily sharing their work, credit card information and other personal data on different platforms and devices. Often, we are using these very platforms and devices to host company finances, sales details and employees communications. The recent launch of Snapcash, Snapchat’s mobile payments play for instance, points to a poignant cultural shift: people are happy to share sensitive credit card information in the same place where they fire off selfies or send birthday wishes to a friend. So what does this pivot mean for companies weighing security concerns while catering to an audience of increasingly social, tech-savvy employees?
Embracing the Social Mindset
A sizeable portion of today’s workforce embraced social media and digital innovation before, or shortly after, entering the workforce. The art of sharing data, no matter how personal or confidential, seems to be ingrained in the fabric of younger members of society. Life’s secrets are now commonly broadcasted to the masses on Facebook, Instagram, Twitter, even business-centric platforms like LinkedIn. As a result, employees in possession of company data are by nature more numb to common IT issues concerned with data privacy. There’s no use trying to push or curtail how and what employees share. Instead, we should opt for security strategies that actually encourage secure, limitless sharing.
Finding a Happy Medium
There are countless applications and platforms like Dropbox, Google Drive, HipChat and others that allow people to share corporate and personal information in the blink of an eye. If access to one is limited by enterprise powers, there’s always another option waiting in the wings. Most tech-savvy employees understand they’re supposed to handle data securely, but they lack a fundamental interest in adopting the necessary protocol championed by the IT departments – especially when the security protocols and technologies are historically clunky and painful to use. So instead, employees will opt out and go around these workflow burdens completely. The lesson: security solutions are only as strong as their ease and usability.
WFH or WF-Anywhere
Employees are embracing work from home – and pretty much everywhere else – in droves; regularly accessing files from outside the office and casually blending enterprise information with personal data on smartphones. Files that used to be under lock and key are floating around on browsers and/or cloud networks – almost asking to be taken. This trend is allowing employees to do work and share information at any time and from virtually anywhere. Simultaneously, it’s creating new (and serious) data security vulnerabilities for companies – not to mention keeping CSOs, CISOs and CIOs awake at night. There’s no longer any use trying to confine users to specific working hours, applications or locations.
Democratizing Security Responsibility
These smartphone, laptop and tablet-toting employees must be held accountable for elements of enterprise data security once confined to the IT department to ensure that they avoid letting information living on their personal devices fall into the wrong hands. Businesses need to help employees to fully grasp the importance of upholding airtight data security and following through with implementation. This is especially true when enhancing awareness among employees to increase data protection, many of whom practically bleed their personal information onto Facebook, Snapchat, and LinkedIn
Reimagined levels of security must also allow businesses to monitor, access and restrict exposure to corporate data that has left the system – unintentionally or otherwise. Companies need to realign their security strategies in a way that fortifies enterprise information coexisting on personal technology used by employees who post virtually everything to social networks and share company information through non-corporate channels. Employees across the enterprise have to understand, and fully embrace, that data security is now in their job description, too.