Senior executives have buried their heads in the sand over the use of social networks and mobile technology in the workplace, and need to start dealing with the risks, according to a report from the Economist Intelligence Unit (EIU).
Denis McCauley, director, global technology research at the EIU, said pressure is growing on companies to give staff greater freedom to use social networks and mobile technology.
Few businesses are providing training on the safe use of social networks such as Twitter and Facebook at work, but this is the best way to manage the risk of data leaks, hacks and viruses, he said. Training and guidelines will be increasingly important as a younger generation enters the workforce expecting more freedom in the way they work.
He said, "These people have grown up with the internet and mobile phones. They will demand choice, and this will challenge the traditional model of IT security and how IT is delivered in the enterprise."
Many CIOs, CTOs and CEOs are not embracing social networking, either in managing their brand online or by seeing how it could improve their business and the way staff work.
Allowing staff to use their own initiative, while providing guidelines, will boost loyalty, staff retention and innovation, McCauley said. Externally, social networks can provide customer interaction and better collaboration with partners. But companies are not embracing the opportunities, or managing the risks, which he called "worrying".
Rik Ferguson, senior security advisor at Trend Micro, said it is unlikely to be a technological failure that leads to social networks or mobile devices being compromised, but a management failure.
He said the issue will become more pertinent for companies as the economy recovers and it becomes more of an employees' market. If people have a choice on who to work for, they will increasingly choose companies that allow them greater freedom.
"You can't bury your head in the sand," he said. "Online is already massively important. You have to get involved now, because if you do it when it becomes a necessity, you will be way behind."
The answer to some of the problems new technologies pose is to avoid a prescriptive approach, according to Jon Collins, managing director of analyst firm Freeform Dynamics. The users of IT will often find creative ways around draconian rules, and it may be that policies need to be changed to fit the way they work.
"IT has to get out of that control mindset," he said. "If it doesn't, people will work around it anyway. It is no longer right to say this activity is allowed or not allowed."
He said companies need to approach things from a risk management perspective, set clearly defined policies and be able to know when they're being breached, and train staff so they're aware of when they're breaching them.
Ferguson said, "Executives owe it to themselves and their companies to understand better what technology can do on the ground."