A large proportion of employees are using their own devices to access data belonging to their company, according to a new study by Trend Micro. Bring Your Own Device (BYOD) policy seems like a great business move, but allowing employees to use their own devices, such as laptops, smartphones, and tablets, companies can save money and increase productivity.
When you allow your employees to access corporate data using their own devices from anywhere it increases the possibility that your data may be leaked. Mobile devices are the weakest link when it comes to network security because they are the most susceptible to attacks.
Due to the nature of BYOD, companies have minimal control over any corporate data either stored on employee devices or accessed via employee devices. If an employee forgets to install a security update, connects to a suspicious WiFi signal, or loses their phone it could put your data at risk.
Trend Micrro’s study, which surveyed more than 13,000 remote workers globally, found that many of the personal devices used to access company data were not as secure as their corporate equivalents.
A further finding of the study was that more than half (52%) of global remote workers have IoT devices connected to their home network, with 10% using lesser-known brands.
Since home networks typically offer security protection that is inferior to that which a business can afford to implement, researchers expressed concern that attackers could access home networks, then use unprotected personal devices as a stepping stone into the corporate networks they’re connected to.
Getting access to personal devices may not present much of a challenge to threat actors, given that over one-third (36%) of remote workers surveyed did not have basic password protection on all personal devices.
The research also revealed that 70% of global remote workers connect corporate laptops to the home network, opening up the possibility for malware infections to be brought from the home into the office.
“IoT has empowered simple devices with computing and connectivity, but not necessarily adequate security capabilities… This threat is amplified as an age of mass remote work blurs the lines between private and company devices, putting both personal and business data in the firing line.” said Bharat Mistry, principal security strategist at Trend Micro.
Source: Cyber Security Intelligence