EXECUTIVE SUMMARY:

Would financing mobile phones and/or laptops on behalf of all employees reduce your organization’s cyber security risk? A new study says that it’s quite likely. Organizations that request or require for employees to use personal devices (laptops, smartphones, tablets) for work purposes may be less secure than companies that provide these tools.

Organizations that rely on employee-owned devices are less secure because:

  • Workplaces cannot enforce requirements that employees install security software on personal devices.
  • More than 1/3 of remote workers don’t have passwords on personal devices.
  • Network security may be lacking.
  • IoT vulnerabilities may enable hackers to tap into organizational data and assets.

If providing devices to employees is not feasible:

Workplaces can support remote workers by implementing dummy terminals and secure apps for personal devices. A corporate culture that values cyber security can also help. Providing employees with regular cyber security awareness training only costs a few dollars per participant, and can reduce workforce errors.

For more on the use of personal devices for work and device security, visit CISO MAG.