Skip to main content

Using your personal phone for work could be a terrible mistake

(Image credit: Shutterstock)

As the lines between work and home life increasingly blur, research from Trend Micro shows that smart home devices and their apps represent a major weak link in the corporate cybersecurity chain.

The firm surveyed more than 13,000 remote workers across 27 countries to reveal that over a third (39%) use personal devices to access corporate data. 

This is despite the personal smartphones, tablets and laptops being used by employees are likely less secure than their corporate equivalents as well as exposed to vulnerable IoT apps and gadgets on a user's home network.

"The fact that so many remote workers use personal devices for accessing corporate data and services suggests that there may be a lack of awareness about the security risks associated with this," cyberpsychology expert Dr. Linda K. Kaye noted of the findings.

"Tailored cybersecurity training which recognizes the diversity of different users and their levels of awareness and attitudes around risks would be beneficial to help mitigate any security threats which may derive from these issues."

Remote risks

Of the global remote workers surveyed in Trend Micro's study, more than half (52%) have IoT devices connected to their home network with 10 percent using less-known brands. 

Many of these devices, especially those from smaller brands, have well-documented weakness including unpatched firmware vulnerabilities and insecure logins. These weaknesses could allow attackers to gain a foothold on a user's home network from which they could use these personal devices as a stepping-stone to the corporate networks they're connected to.

At the same time, there is an additional risk to enterprise networks post-lockdown if malware infections picked up while working from home are physically brought into the office on personal devices at organizations with BYOD policies in place. Trend Micro's research also revealed that 70 percent of global remote workers connect corporate laptops to their home networks.

Principal security strategist at Trend Micro, Bharat Mistry provided further insight on the threat smart home devices and apps pose to corporate networks, saying:

"IoT has empowered simple devices with computing and connectivity, but not necessarily adequate security capabilities. They could actually be making hackers' lives easier by opening backdoors that could compromise corporate networks. This threat is amplified as an age of mass remote work blurs the lines between private and company devices, putting both personal and business data in the firing line. Now more than ever, it is important that individuals take responsibility for their cybersecurity and that organisations continue to educate their employees on best practices."