SMB employees are taking risks on unsecure devices

Many are connecting to corporate networks via unvetted devices

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Many SMB employees are gambling with their company’s security by connecting to corporate networks through personal, unsecured devices, a new report fromAvasthas warned, adding that most do so without approval.

The report found almost a third (31%) of SMB workers connect to their corporate networks using various personal devices, from PCs, to smartphones, and tablets, none of which come with security controls orantivirus software.

While some use a personal computer, others are connecting to corporate networks via smartphones. Of those, only 8% of PC users and 13% of smartphone users did so without getting permission beforehand.

Remote workers are a security liability

The report argues that in many instances, it’s not the fault of employees or bosses, as their organizations do little to help with working remotely, in a secure manner.

Of all the IT decision-makers polled for the report, two-thirds (66%) did not provide employees with dedicated work devices, while a fifth (19%) actually encouraged employees to use their own gear. Just a quarter of ITDMs specifically said using personal devices for work was off-limits, and consequently - 15% noticed unidentified and unauthorized devices on the corporate network, for which they believe to be employee devices.

But to malicious actors, remote workers are often “low-hanging fruit”, a quick and easy way to installmalwareon a corporate network. Personal devices are often used across the household, people share login credentials and leave their business email on various online services.

Without a dedicated work device, a properendpoint protectionsolution, and a way to securely connect to the corporate network (via, for example, aVPN), employees could involuntarily allow cybercrooks access to sensitive company data, or a way to installransomware.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“One of the biggest challenges with the move to remote and hybrid working has been ensuring employees have the freedom to do their jobs in a safe and productive manner,” commented Marc Botham, VP Worldwide Channel & Alliances at Avast.

“IT teams have understandably done their best to make this happen, but as we begin to resume some form of normality, it’s crucial that the security of personal devices accessing the corporate network is treated with as much importance as the security of corporate devices.”

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well