Too Many Employees Use Their Own Devices To Access Corporate Data

A large proportion of employees are using their own devices to access data belonging to their company, according to a new study by Trend MicroBring Your Own Device (BYOD) policy seems like a great business move, but allowing employees to use their own devices, such as laptops, smartphones, and tablets, companies can save money and increase productivity. 

Trend Micro's researchers found that around 39% of workers use personal smartphones, tablets, and laptops to access corporate data, often via services and applications hosted in the cloud.

When you allow your employees to access corporate data using their own devices from anywhere it increases the possibility that your data may be leaked. Mobile devices are the weakest link when it comes to network security because they are the most susceptible to attacks.

Due to the nature of BYOD, companies have minimal control over any corporate data either stored on employee devices or accessed via employee devices. If an employee forgets to install a security update, connects to a suspicious WiFi signal, or loses their phone it could put your data at risk.

Trend Micrro's study, which surveyed more than 13,000 remote workers globally, found that many of the personal devices used to access company data were not as secure as their corporate equivalents. 

A further finding of the study was that more than half (52%) of global remote workers have IoT devices connected to their home network, with 10% using lesser-known brands. 

Since home networks typically offer security protection that is inferior to that which a business can afford to implement, researchers expressed concern that attackers could access home networks, then use unprotected personal devices as a stepping stone into the corporate networks they’re connected to.

Getting access to personal devices may not present much of a challenge to threat actors, given that over one-third (36%) of remote workers surveyed did not have basic password protection on all personal devices. 

The research also revealed that 70% of global remote workers connect corporate laptops to the home network, opening up the possibility for malware infections to be brought from the home into the office. 

“IoT has empowered simple devices with computing and connectivity, but not necessarily adequate security capabilities... This threat is amplified as an age of mass remote work blurs the lines between private and company devices, putting both personal and business data in the firing line.” said Bharat Mistry, principal security strategist at Trend Micro. 

McKinsey:        VirtualArmour:      Infosecurity Magazine:       Trend Micro

You Might Also Read:

Insiders Are Cyber Criminals Favourite Connection:

 

 

« Cyber Warfare Creates Ghosts In Our Machines
Remote Working Compromises Outbound Email »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

AWS Marketplace eBook: Optimizing your cloud deployments to accelerate cloud activities, reduce costs, and improve customer experience.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Mitol PerfectBackup

Mitol PerfectBackup

Mitol PerfectBackup provide Enterprise Online Backup, Disaster Recovery and Cloud Computing Services.

CERT.RO

CERT.RO

CERT.RO is the national Computer Emergency Response Team of Romania

ECESM

ECESM

The ECESM project has been designed to enhance overall cyber security posture of Montenegro by accelerating the availability of educational and training resources.

3GRC

3GRC

Cloud-Based Risk & Compliance Management. Simplify, automate and centralise your risk and compliance programme with the 3GRC Platform.

Xperien

Xperien

Xperien is a leading South African Information Technology Asset Disposition (ITAD) company.

WisePlant

WisePlant

WisePlant's portfolio of solutions and services includes process measurement, secure automation, industrial cybersecurity, functional safety and more.

Kasada

Kasada

Kasada provides bot detection and mitigation for enterprise web applications. Stop the bots before they reach your site and web applications.

Drip7

Drip7

Drip7 is a micro-learning platform that is re-inventing the way companies train their employees and build lasting cultural change around the importance of cybersecurity.