A major weak link in corporate cybersecurity was recently discovered through a survey of remote workers.
Trend Micro Inc., a leading cloud security company, released its Head in the Clouds study in September 2020. Of the 13,000 remote workers in 27 countries who participated, 39% divulged that they use personal devices — smartphones, tablets and laptops — connected to their home network to access corporate data. More than half of those remote workers also said they have Internet of Things (IoT) devices connected to their home network. About 10% of those gadgets included lesser-known brands.
This situation exposes corporations to a variety of risks that workers likely don’t realize:
- Many IoT devices, particularly from lesser-known brands, have weaknesses that hackers can exploit, such as unpatched firmware vulnerabilities and insecure logins.
- 36% of workers surveyed said they do not have basic password protection on their personal devices.
- For companies with bring-your-own-device (BYOD) policies, there’s a risk of devices becoming infected with malware through unsecured home networks that could be brought back to the office network when workers return.
This revelation couldn’t come at a worse time, when the coronavirus and its effects have resulted in more people than ever working from home and potentially using personal devices.
According to Bharat Mistry, principal security strategist at Trend Micro, “IoT has empowered simple devices with computing and connectivity, but not necessarily adequate security capabilities. They could actually be making hackers’ lives easier by opening backdoors that could compromise corporate networks. This threat is amplified as an age of mass remote work blurs the lines between private and company devices, putting both personal and business data in the firing line. Now more than ever, it is important that individuals take responsibility for their cybersecurity and that organizations continue to educate their employees on best practices.”
Education of employees is critical to fighting these cyber threats. Companies should consider updating mobile device usage policies and reviewing unified endpoint management (UEM) settings. Tech Orchard can be your guide. Reach out to firstname.lastname@example.org to head off potential problems before your company finds itself in a compromised — and costly — position.