Allowing employees to use their own devices for work carries risks. A new report from SlashNext shows that 43% of employees have been the target of a work-related phishing attack on their personal devices.
When it comes to securing BYOD hardware, 90% of security managers say protecting employees’ personal devices is a top priority, but only 63% say they have the tools to do so. do it appropriately. The acronym BYOD is the abbreviation of the English expression Bring Your Own Device (in French: Bring Your Own Communication Equipment or WITH), which designates the use of personal computer equipment in a professional context.
With the widespread use of personal mobile devices in the workplace, it is increasingly difficult for employers to keep sensitive information secure. In 2022, we found that the use of personal devices and apps was the direct cause of many high-profile corporate breaches. This trend is sure to continue as employees often use both corporate and personal devices for work, doubling the attack surface for cybercriminals. Threat actors know that there are fewer security checks on personal mobile devices, and they have increased their efforts to compromise these devices and gain access to valuable company data, says Patrick Harr, CEO of SlashNext .
The report reveals that 71% of employees store sensitive work passwords on their personal phones and 66% of them use their personal email apps for work.
On the employer side, 95% of security officers say phishing attacks via private messaging apps are a growing concern. 85% of employers require work-related apps to be installed on employees’ personal devices, while 89% of IT and security managers agree that access to employees’ private data poses security issues. legal.
81% of employers say the solution to keeping employees’ mobile data safe and private is to give them a separate phone for work, effectively doubling the attack surface for threat actors.
Interestingly, more employees fear being the target of a company phishing attack than being monitored by the employer on their personal devices. Employees want to protect sensitive company information on their devices, but not at the expense of their privacy. The hardest part is finding the right balance. As employees continue to use their personal devices for work, using private messaging and texting apps, more breaches will be reported through the mobile channel. With the threat surface expanding, employers need to ensure they have the tools they need to secure company data while maintaining employee privacy on their personal devices, Harr continued.
Source : SlashNext
And you ?
What do you think of the results of this research? Do you find them relevant?
Do you use your own devices for work? Has this ever caused a security risk in your work?
See as well :
Poor security practices remain a challenge for hybrid working*: 29% of workers always use the same passwords for their personal and work accounts
89% of third-party workers work from personal devices, increasing security risks and organizations’ vulnerability to data breaches
BYOD: 85% of companies allow access to their data on personal devices, but fear for security and privacy
Poor security practices remain a challenge for hybrid working*: 29% of workers always use the same passwords for their personal and work accounts