New research has found that an overwhelming majority (90%) of workers use company-provided laptops for personal activities, potentially posing a serious cybersecurity risk.
ESET’s study found that a significant proportion of employees also use business hardware to engage in risky activities, including watching adult content, gambling, accessing the dark web and illegally streaming sporting events.
ESET attributes the shift to hybrid and remote work to the additional burden on security teams, adding that companies should consider implementing more robust security measures to remotely manage corporate devices while also training their employees.
Business laptops for private use
The survey found that two-thirds (63%) of respondents accessed the so-called “Dark Web” on their work laptops on a weekly basis, and 17% did so daily.
Men were primarily responsible for accessing the dark web, while younger workers aged 16 to 24 were more likely to connect to unsecured public Wi-Fi networks and use personal USB devices.
“We often hear that ’employees are the weakest link in security’ and endpoint security is not necessarily the first thing that comes to mind for many. This can cause problems when switching between work and personal devices,” explains Jake Moore, Global Cybersecurity Advisor at ESET.
While Moore acknowledged that hybrid and remote work environments have a positive impact on work-life balance, he stressed that companies should implement better cybersecurity processes.
However, despite the obvious dangers of private use and the benefits of remote management software, one in three (36%) believe that their boss views employees’ private activities as a violation of privacy.
In addition, around one in five (18%) do not have cybersecurity software on their work device and another 7% were unsure whether their device was adequately protected.
Hybrid working is here to stay and the boundaries between work and private life are becoming increasingly blurred. Against this backdrop, it is becoming increasingly obvious for companies to introduce stricter rules to protect confidential company information and their employees.