There is a phenomenon called "the hyperconnected" which describes a growing number of people who have intertwined and blurred their private lives with their working lives - we should investigate the phenomenon and understand the hyperconnected because they carry vulnerabilities and increased threats into our organisations.
We should work to modify or extend our present "architectures" so they support the hyperconnected, and at the same time provide appropriate protection to the business. We cannot ignore the hyperconnected they are the information workforce of the near-future.
If you have prevented the use of all social networking tools and internet services in your company then congratulations, but beware, you are now very much basking in the twilight of this success. Tomorrow you will discover the hard reality that prospective employees are placing an increasing importance on the ability to connect to their social networks and internet services from the workplace, in fact from any place they choose to be. Because you have denied the use of social networks and services at your company this may be enough to make them take a job with your competitor.
If we persist with our current defence in depth, and protective architecture models, then we are missing a vital strategic sea-change. We are denying the need for a more forward thinking and "participative architecture" - the architecture of participation should embrace and support the hyperconnected providing some very real business benefits.
According to IDG, 16% of today's global information workforce is hyperconnected: they make heavy use of the internet, broadband access, camera phones, voice over IP, instant messaging, social networking, and video uploading. A further 36% of the workforce is "increasingly connected", and they will soon join the hyperconnected community - it is just a matter of time before the information workforce is populated by a significant hyperconnected majority.
If we bury our collective heads in the sand, then our organisations will become more vulnerable through the presentation of enlarged attack surfaces, and this will be driven simply by the naive trust of the employee.
Increase in the pervasiveness of vulnerabilities due to unfettered hyperconnected trust is challenging the traditional defence in depth security strategies.
Network-to-network bridgeheads can develop creating attack points passing through traditional defence layers and into the heart of your corporate network.
Trust can present real risks to your business.
The new generation is much more comfortable with openness and they are happy to share their lives publicly, with internet services such as Twitter and Facebook. There are also an increasing number of applications that have been launched that take advantage of the "always on connections", either over the net or on mobile devices.
The majority of Acceptable Use Policies (AUP) are becoming less and less effective: today you have employees that are using the internet services and social networking tools across the corporate network, and unless you work for a very forward thinking employer, this will be in direct violation of your AUP. Employees will continue to violate the AUP in this way because they see it as a minor misdemeanour, worthy of no particular concern, and in their minds the benefits far outweigh the consequences.
King Canute the Great, seated on the seashore with the waves lapping around his feet was not attempting to prevent the tide but merely demonstrating the futility of such an act. We should not resist the hyperconnected, we should embrace, adapt, and support them.
Mark Henshaw is global manager for information security strategy and planning at General Motors