In this Read-Write-Web article, the author highlights what many corporations are struggling with: how best to balance the technology desires of the new generation of employees with the associated security and business risks. The old days of summarily blocking an unknown application is no longer an appropriate response since the user may be the CIO or CEO.
Today, the IT department must look at the sum of all parts including what the application is, how it operates, who is using it, and what type of security threats does it introduce. Only then should a decision on how to treat the application be made. The millennials are not necessarily being sneaky - they use these applications because they are used to them, grew up with them and assume everyone is on board with them. Chances are, only a handful of the users actually understand that these applications represent business and security risks. And if they do, it will usually not stop the use of them.
The IT department is not dumb--they know that these applications are out there. The challenge that IT faces is the plain fact that it is very difficult to determine exactly what is running on the network and who is using the applications. Sure, a myriad of tools can provide a sense of which applications are there, and then an IP address lookup can provide the user, but who has time to perform these labor intensive tasks? Certainly not the average, understaffed IT department. A small, yet growing number of companies are learning how to enable the usage of these new applications in a secure and beneficial manner, and in so doing, gain a competitive edge and improve the bottom line.