Too Many Employees Use Their Own Devices To Access Corporate Data

Uploaded on 2020-10-02 in NEWS-Cybersecurity News, FREE TO VIEW

A large proportion of employees are using their own devices to access data belonging to their company, according to a new study by Trend MicroBring Your Own Device (BYOD) policy seems like a great business move, but allowing employees to use their own devices, such as laptops, smartphones, and tablets, companies can save money and increase productivity. 

Trend Micro's researchers found that around 39% of workers use personal smartphones, tablets, and laptops to access corporate data, often via services and applications hosted in the cloud.

When you allow your employees to access corporate data using their own devices from anywhere it increases the possibility that your data may be leaked. Mobile devices are the weakest link when it comes to network security because they are the most susceptible to attacks.

Due to the nature of BYOD, companies have minimal control over any corporate data either stored on employee devices or accessed via employee devices. If an employee forgets to install a security update, connects to a suspicious WiFi signal, or loses their phone it could put your data at risk.

Trend Micrro's study, which surveyed more than 13,000 remote workers globally, found that many of the personal devices used to access company data were not as secure as their corporate equivalents. 

A further finding of the study was that more than half (52%) of global remote workers have IoT devices connected to their home network, with 10% using lesser-known brands. 

Since home networks typically offer security protection that is inferior to that which a business can afford to implement, researchers expressed concern that attackers could access home networks, then use unprotected personal devices as a stepping stone into the corporate networks they’re connected to.

Getting access to personal devices may not present much of a challenge to threat actors, given that over one-third (36%) of remote workers surveyed did not have basic password protection on all personal devices. 

The research also revealed that 70% of global remote workers connect corporate laptops to the home network, opening up the possibility for malware infections to be brought from the home into the office. 

“IoT has empowered simple devices with computing and connectivity, but not necessarily adequate security capabilities... This threat is amplified as an age of mass remote work blurs the lines between private and company devices, putting both personal and business data in the firing line.” said Bharat Mistry, principal security strategist at Trend Micro. 

McKinsey:        VirtualArmour:      Infosecurity Magazine:       Trend Micro

You Might Also Read:

Insiders Are Cyber Criminals Favourite Connection:

 

 

« Cyber Warfare Creates Ghosts In Our Machines
Remote Working Compromises Outbound Email »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CGI Group

CGI Group

CGI is a leading IT and business process services provider. Services include IT consulting, Systems Integration, Application Development, Infrastructure, Business Processes, Digital IP.

GovCERT.CZ

GovCERT.CZ

GovCERT.CZ is the Government Computer Emergency Response Team of the Czech Republic.

High Sec Labs (HSL)

High Sec Labs (HSL)

High Sec Labs develops high-quality, cyber-defense solutions in the field of network and peripheral isolation.

ObjectSecurity

ObjectSecurity

ObjectSecurity is a leader in authorization policy automation. With OpenPMF, you can manage application security policies for access control and auditing.

Avatao

Avatao

Avatao is an online training platform for building secure software, offering a rich library of hands-on IT security exercises for software engineers to teach secure programming.

Austrian Trust Circle

Austrian Trust Circle

Austrian Trust Circle is an initiative of CERT.at and the Austrian Federal Chancellery and consists of Security Information Exchanges in the areas of the strategic information infrastructure.

Magix Security

Magix Security

Magix Security assesses the cyber threat, gives you visibility of how vulnerable your business is to attack, and provides cybercrime detection and prevention services.

Crosser

Crosser

The Crosser Platform enables real-time processing of streaming or batch data for Industrial IoT, Data Transformation, Analytics, Automation and Integration.

Acceptto

Acceptto

Acceptto offers the first unified and continuous authentication identity access platform with No-Password.

Department of Homeland Security (DHS) - USA

Department of Homeland Security (DHS) - USA

The Department of Homeland Security has a vital mission: to secure the nation from the many threats we face. Our duties are wide-ranging, but our goal is clear - keeping America safe.

Aegis Cyber Defense Systems

Aegis Cyber Defense Systems

AEGIS is a powerful cybersecurity tool that can help protect your devices and networks from cyber threats, and increase performance.

Corinium Global Intelligence

Corinium Global Intelligence

At Corinium, we have been bringing together the brightest minds in data, AI and info sec since 2013, to innovate at the intersection of technological advancements and critical thinking.

Eleviant Tech (CTG Group)

Eleviant Tech (CTG Group)

Eleviant Tech (CTG Group) is a USA based digital transformation company with expertise in Mobile, Cloud, Web, IoT, AR, RPA, Cyberseurity and AI Technologies.

Amtivo Ireland

Amtivo Ireland

Amtivo Ireland (formerly Certification Europe and EQA) offers a range of certifications and related services.

CodeShield

CodeShield

CodeShield is a SaaS that helps software developers and security teams secure IAM in the public cloud. With us, you detect IAM privilege escalations easily and achieve least privilege.

Terra Security

Terra Security

Terra Security is the first agentic-AI platform built for web application penetration testing.