A note on this blogs format - I will not hide my drafts until they are ready. All my writing will be displayed as soon as it's down in bits and bytes. Posts will be labeled Draft and Final according to my view on the topic.

Wednesday, December 10, 2008



I'm going to quote a blog post in its entirety (I'll try not to do this too often)

Just a quick hit on this Intel-sponsored survey: apparently, employers think millennials like me are good employees, but that we're a risk when it comes to IT security. (Believe me, the intersection between millennial and IT prompted me to title this post LOLCats style: IT SECURITY: UR DOIN IT RONG). I think this speaks to evolving norms of security and privacy. I would be that a lot of employers' perceptions are based on the fact that people my age post a lot of stuff on facebook, have, or had, personal blogs, etc. But I think that's not actually super-relevant for professional IT security. Just because people put stuff out there doesn't mean they don't care about information being secure; rather, their standards for what NEEDS to be secure are different. Just because Paris Hilton got her sidekick hacked doesn't mean she's careless with her information; it means the hardware she's using is vulnerable. In a world of telework, among other things, agencies are going to have to come up with new, goof-proof ways to keep information secure. But a more open, tech-savvy generation isn't inherently an IT security risk. (bolding mine)

I think that Alyssa contradicts herself here.  Immediately after saying that the millennial generation posts information everywhere, she says that it's not a security risk because of standards for security risk are different.  That's like saying it's OK to have one person playing tackle football when everyone else is playing soccer.  When there are two competing rule sets, the group that is out of power but trends to information openness is automatically viewed as a security risk.  Hell, I know much of the open source world is a security risk. I just happen to weigh the benefits of openness much greater than the benefits of total information security.

I don't doubt (well, I hope) that Alyssa has a more nuanced view of IT security vs. openness, I just think that the nuance is a necessary part of the discussion to further the cause of transparency into the security conscious older generation. I don't want to have to wait for the boomers to die off to live in a more transparent world.

No comments: