Following a new ESET study which highlighted how workers using company-provided laptops for personal activities could be putting work hardware at risk, we’ll explore the issues surrounding this practice and the potential consequences for businesses and employees, in two parts.
90% Using Work Laptops For Home Usage … But What About Risky Behaviour?
The recent study by cybersecurity company ESET revealed that employees are regularly engaging in risky activities on their work laptops. For example, the study shows that nine out of ten surveyed admitted to using their work devices for personal activities, including illegal streaming, gambling, and viewing adult content! Alarmingly, 20 per cent of respondents who view adult content say they do so daily, while the same proportion engages in online gambling daily using their work devices.
Work From Anywhere and Employee Mobility
The shift towards remote and hybrid work environments is one reason employees may be blurring the lines between professional and personal use of their work laptops. With the flexibility to work from anywhere, such as a home-office or while travelling, these devices often become a primary computing tool for both work and personal activities. While this convenience enhances productivity and work-life balance, it also introduces significant risks to businesses.
Accessing the Dark Web with Their Work Laptop!
The ESET study also highlighted some very concerning behaviour, with 17 per cent of respondents admitting to accessing the dark web using their work laptops, with some doing so daily.
Accessing the dark web exposes businesses to severe risks, including malware or ransomware attacks, data breaches, legal consequences, and reputational damage.
Consequences of Risky Behaviour
The consequences of employees engaging in risky online behaviour using work devices can be severe for both the business and the individual. Businesses may face data breaches, financial losses, and regulatory penalties, while employees could be subject to disciplinary action, legal ramifications, or even job termination if their actions cause significant harm to the organisation. The ESET study revealed that 18 per cent of respondents felt their job would be at risk if their risky behaviour were discovered.
Employee Awareness Important
In the report of the study, Jake Moore, Global Cybersecurity Advisor at ESET, stresses the importance of employee awareness, saying: “We often hear ’employees are the weakest security link,’ and endpoint security may not be the first thought on people’s minds. Businesses need to ensure that employees understand cybersecurity risks and their role in mitigating them, which includes avoiding risky behaviour or accessing illegal websites on their work laptops.”
Many Have No Cybersecurity On Work Laptop
Despite the clear risks, the study also revealed a worrying lack of security measures, with one in five (18 per cent) of respondents saying they had no cybersecurity software installed on their work laptop. A further 7 per cent were unsure if their devices were adequately protected, highlighting a critical gap in corporate security management.
What Does This Mean For Your Business?
The findings of the ESET study highlight the critical need for businesses to take a proactive role in ensuring the security of work laptops and corporate devices. With so many employees engaging in what appears to be some extremely risky online behaviour (e.g. going on the dark web daily), the potential for significant data breaches and financial loss is high. The key for businesses is really to ensure that robust security measures are implemented across all work devices, particularly in hybrid work settings where employees use these devices both for work and personal tasks.
Implementing effective cybersecurity policies is essential. Employees should really be educated about the dangers of risky online behaviour, and must be helped to clearly understand their responsibilities in safeguarding corporate assets. Training and awareness programmes that help employees recognise the threats of malware, ransomware, and phishing attacks should ideally be mandatory, particularly as personal, and professional device use becomes more intertwined. Also, companies should ensure that all devices have up-to-date cybersecurity software, such as endpoint protection, that can detect and block potential threats in real-time.
As highlighted in the ESET study, for businesses to effectively manage employee behaviour without invading privacy, IT departments should try to adopt tools and solutions that focus on detecting risk patterns rather than overseeing every detail of employees’ digital activity. Striking this balance could help maintain trust within the organisation while ensuring that cybersecurity remains a priority.
Next week, in Part 2 of this series, we will delve into the legal and compliance implications of risky employee behaviour on work laptops, explore real-world case studies of high-profile breaches, and provide further insights into how businesses can mitigate these risks effectively.
About us and this blog
We are a IT solutions and support company. In our BLOG you can find more information about services and solutions we provide and learn how they can benefit you and your business.
We offer professional IT support for small and medium size businesses, as well as support home based businesses.
To check how we can help improve your security and productivity, request your FREE IT health check today!
Categories
Archives
- October 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
More from our blog
See all postsTags
Categories
- Brand development (4)
- Business advice (19)
- education (14)
- News (987)
- Uncategorized (14)