While fleets and trucking companies are looking to hire younger workers and fill driver shortages, could those workers also be increasing security risks?
Much is said of trucking's workforce struggles not only in hiring and holding onto good workers but bringing on young ones, with the median ages of truck transportation and bus service workers about five and nine years higher, respectively, than the current median worker's age of 42 across all industries.1 Even as you're trying to attract Millennials and younger professionals, could these workers be increasing security risks for your business?
One group, the Society for Human Resource Management (SHRM), has been raising this point recently in examining worker tendencies. The concept makes rational sense: young professionals have grown up with smartphones and other Internet-connected devices in their hands and apps running more and more things in their lives, from email to "wallet" finances/payment management to shopping and travel.
So part of the risk is there's a kind of normalcy that can become overfamiliarity with doing almost everything online and via computer or connected device; carry that a little farther and it becomes more like naivety and lack of healthy suspicion where it's due. Younger workers may have "a different perspective" — e.g., they may have their guard down more — when it comes to things like sharing information on social media sites, SHRM notes, and that could open the door to higher risk of data and computer security breaches.
Meanwhile, here's a damning double-statistic: IT giant Hewlett-Packard finds that three out of four, 75%, of all apps fail to properly encrypt data, and Gartner, Inc. projects that 75% of mobile security breaches will happen via apps. Information security breaches that happen through social media and other scams seeking criminal ends fall into the category of "social engineering" attacks.
Herndon, VA-based cyber security services provider General Dynamics spells out some additional risks of this kind to be aware of, including:
1. Public WiFi. Have you become less hesitant about using unsecured WiFi with your devices where it's available — airports, malls, restaurants, hotels, coffee shops, amusement parks, etc.? Have you programmed unsecured WiFi networks into your smartphone to boost service based on your day-to-day location and where you usually travel?
The honest answer for likely most of us is a shrug and a nod in the affirmative. "These connections should always be used with caution," General Dynamics advises, and it's best to avoid financial transactions or any sites where you log in/use passwords when using unsecured WiFi access.
2. Phone calls. "Phishing" and criminal activity can happen via telephone, although many phone scams prey on the elderly and perceived easy targets. However, it can happen at work, too: "Callers may sound like a vendor or familiar individuals calling to request updated credit card information, often claiming the previous card has expired," General Dynamics notes.
3. Hyperlinks. These often take the form of email message scams, which are familiar to many. Maybe it's a message with a clever subject line designed to look like a friend sent it, or maybe it's a phony message designed to look like it's officially sent by a trusted source.
The obvious protocol you should be practicing is to be careful and deliberate about what messages (and any attachments) you open and what links you click. General Dynamics points out that it's safer to type links — particularly when doing anything financially related — directly in your web browser.
4. Giveaways. We've all seen those emails about things too good to be true; hopefully by now, we all know they aren't and avoid them. But people still fall victim to scams that seem insignificant or benign enough not to question, such as a phishing/information-seeking scam disguised as an offer of a few free music downloads.
5. In-person schemes. This one is rarer, but information breaches can happen courtesy of an in-person scam. General Dynamics says this "bold" method would include things like a person claiming to have forgotten a key to the office or posing as a legitimate employee, such as someone in IT needing to access computers or a custodian taking away documents to shred. Some advice to protect yourself: be sure you can identify someone before you let them in or give them any access to your place of employment, General Dynamics warns.
Foreign objects introduced
Regardless of which generation they belong to, there are also the various connected devices that all of your employees likely are bringing into your work environment, try as you may to secure it. The BYOD — "bring your own device" — argument and its implications for maintaining information security are a gray area that trucking and fleet are still navigating as more fleet management, routing, telematics and other systems make their way into trucks and other commercial vehicles.
There's that end of the spectrum as well as the flip side — a policy strictly allowing only company-owned devices to be used — while other organizations are choosing a "COPE" (company owned, personally enabled) model for connected devices that's somewhere in between. According to BlackBerry, nearly half of U.S. business executives believe BYOD policies create serious risks.
Software Advice, a company that provides software reviews and market research, finds in a 2015 study that at least this much is true: Millennials and younger workers increasingly feel distressed if they're without their smartphones and/or other devices and social media. But there's some good news for Millennials in this case. Baby Boom and Generation X employees are actually more likely — 48% and 47%, respectively — to use a personal device to access work files compared with 40% of Millennials, according to the study.
Returning to sharing information on social media, however, SHRM also points to data from the Washington, DC-based Ethics Research Center showing that Millennials are more likely to engage in ethically questionable behaviors like blogging or tweeting negative things about their employers.
So all things considered, are Millennials any better or worse than employees of other generations in exposing your company to risk, intentionally or unintentionally? For the trucking industry and others, that tossed coin is still up in the air.
1 U.S. Bureau of Labor Statistics, Labor Force Statistics from the Current Population Survey.