450814309
Photograph by Thomas Barwick—Getty Images

Millennial Employees Could Be Your Company’s Biggest Cybersecurity Risk

Jun 15, 2016

Maybe it’s not so surprising that Mark Zuckerberg’s social media accounts got hacked last week. A recent study by IT consultants Softchoice suggests that the 32-year-old Facebook CEO was only acting his age.

Using the same password for a bunch of different accounts, skipping two-step authentication when it’s available, and other risky online behavior is especially common among Millennials—even, previous research shows, if they’re trained techies who you’d think would know better.

The proliferation of cloud-based apps, which make it harder for tech departments to keep an eye on where company data may be vulnerable, isn’t helping. The Softchoice report says employees of all ages who use cloud-based apps are four times more likely to access work files outside the office through a program IT doesn’t know about than those who don’t.

Not all employees are equally risky, the study notes. “Younger app users are more likely to go rogue than their more senior colleagues,” it says. More than one in three Millennials, and almost as many Gen Xers, work remotely using apps (most often Dropbox or Google Docs) without first getting the IT department’s OK. That compares with 22% of Boomers.

Some Millennials also take a devil-may-care approach to passwords. About 30% “display their app passwords on Post-It notes or somewhere else in plain sight” at work, compared to 20% of Gen Xers and just 11% of Boomers.

More training might help, since Softchoice found that many employees are simply unaware of the risks of their careless technology habits. Over 40% of workers in all age groups say they’ve never been told how to securely move and store private company data, and 39% “have not been told the risks of downloading cloud apps without IT’s knowledge.”

Beyond that, people’s reasons for going their own way in the cloud vary by age. Asked why they were using cloud-based apps the IT department hadn’t approved, most Millennials and Gen Xers said that “IT is too slow to approve their choice,” the report says. Boomers, on the other hand, most often said they “didn’t know they had to notify IT at all.”

All products and services featured are based solely on editorial selection. FORTUNE may receive compensation for some links to products and services on this website.

Quotes delayed at least 15 minutes. Market data provided by Interactive Data. ETF and Mutual Fund data provided by Morningstar, Inc. Dow Jones Terms & Conditions: http://www.djindexes.com/mdsidx/html/tandc/indexestandcs.html. S&P Index data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. Terms & Conditions. Powered and implemented by Interactive Data Managed Solutions