Use of personal devices putting companies at risk, says study, Jan 9, 2017 by Insurance Business

Employees with a poor sense of cyber-security who use unsecured private devices for work are potentially putting their organisation at risk of attack, according to a new study to emerge from the UK, with further training suggested as a possible solution.

The report, conducted by WinMagic, surveyed a sample of workers in the UK and found that 42% use private devices for work and accessing email and corporate data. More than half of respondents (52%) admitted to using private accounts (such as Enterprise File Sharing Services) to access or store corporate files. Only a third of employees said they had never done this.

The most personal popular devices were found to be laptops, smartphones and USB devices, while Hotmail, Gmail and Dropbox were found to be the most popular online services used by the employees. Alarmingly, only 52% of those asked said they used some kind of security software to protect their devices and data.

Mark Hickman, chief operating officer at WinMagic, said that employers should be aware of the dangers of employees using personal devices for work, and that to counter the problem organisations should consider technological barriers such as encryption and increasing employee awareness of the issue.

“IT departments need to consider carefully how they strike the balance between giving employees the flexibility they need, and ensuring the security of corporate data,” said Hickman.

“Achieving that requires a combination of software and employee education, to help improve personal IT habits that are out of control of the workplace.

“This is one of many areas where encryption can play a key role, protecting data stored in the cloud and on remote devices, on personal as well as corporate accounts. Encryption remains the last line of defence, when an online account is breached or a device lost.”