Trend Micro Study Finds 39% of Employees Access Corporate Data on Personal Devices

September 15, 2020 - 06:37
Trend Micro Study Finds 39% of Employees Access Corporate Data on Personal Devices

Corporate data policies may need to be refreshed as workforce remains remote


HONG KONG, CHINA - Media OutReach - 15 September 2020 - Trend MicroIncorporated (TYO: 4704; TSE: 4704),the leaderin cloud security, today released survey results that show smart homedevices and their apps represent a major weak link in the corporatecybersecurity chain as the lines between work and home life increasingly blur.


Trend Micro's Head in the Clouds study surveyedmore than 13,000 remote workers across 27 countries to find out more about thehabits of distributed workforces during the pandemic. It revealed that 39% ofworkers use personal devices to access corporate data, often via services andapplications hosted in the cloud. These personal smartphones, tablets andlaptops may be less secure than corporate equivalents and exposed to vulnerableIoT apps and gadgets on the home network. Over one third (36%) of remoteworkers surveyed do not have basic password protection on all personal devices,for example.


Dr Linda K. Kaye, a cyberpsychology expert said:"The fact that so many remote workers use personal devices for accessingcorporate data and services suggests that there may be a lack of awarenessabout the security risks associated with this. Tailored cybersecurity trainingwhich recognises the diversity of different users and their levels of awarenessand attitudes around risks would be beneficial to help mitigate any securitythreats which may derive from these issues."


More than half (52%) of global remote workers have IoTdevices connected to their home network, 10% using lesser-known brands, thestudy revealed. Many such devices -- especially from smaller brands -- havewell-documented weaknesses such as unpatched firmware vulnerabilities andinsecure logins. These could theoretically allow attackers to gain a footholdin the home network, then use unprotected personal devices as a stepping-stoneinto the corporate networks they're connected to.


There's an additional risk to enterprise networkspost-lockdown if malware infections picked up at home are physically broughtinto the office via unsecured personal devices at organizations withbring-your-own-device (BYOD) practices.


The research also revealed that 70% of global remoteworkers connect corporate laptops to the home network. Although these machinesare likely to be better protected than personal devices, there is still a riskto corporate data and systems if users are allowed to install unapprovedapplications on these devices to access home IoT devices.


"IoT hasempowered simple devices with computing and connectivity, but not necessarilyadequate security capabilities," said Tony Lee, Head of Consulting at TrendMicro Hong Kong and Macau. "They could actually be making hackers' lives easierby opening backdoors that could compromise corporate networks. This threat isamplified as an age of mass remote work blurs the lines between private andcompany devices, putting both personal and business data in the firing line.Now more than ever, it is important that individuals take responsibility fortheir cybersecurity and that organisations continue to educate their employeeson best practices."


Trend Micro recommends employers ensure their remoteworkers are compliant with existing corporate security policies, or, if needed,companies should refine these rules to recognise the threat from BYOD practiceand IoT devices and applications.


Companies should also reappraise the securitysolutions they offer to employees using home networks to access corporateinformation. Shifting to a cloud-based security model can alleviate many remoteworking risks in a highly cost-efficient and effective manner.

About Trend Micro

Trend Micro, a global leader in cybersecurity,helps make the world safe for exchanging digital information. Leveraging over30 years of security expertise, global threat research, and continuousinnovation, Trend Micro enables resilience for businesses, governments, andconsumers with connected solutions across cloud workloads, endpoints, email,IIoT, and networks. Our XGen™ security strategy powers our solutions with across-generational blend of threat-defense techniques that are optimized forkey environments and leverage shared threat intelligence for better, fasterprotection. With over 6,700 employees in 65 countries, and the world's mostadvanced global threat research and intelligence, Trend Micro enablesorganizations to secure their connected world