As pressures of juggling work, home schooling and staying connected with friends and family mount, it is easy to prioritize convenience over security. As a result, nearly one in ten (9%) of work computers are being used by Brits for many of their personal needs. With most office workers using their work devices for up to 13 hours a day, it’s easy to see why many of us choose to use one device for personal and professional use, as we increasingly feel the need to be connected and respond to emails and messages without delay.
The most common personal activities UK employees with a work device use that device for are:
- check personal email (64%)
- do online shopping (60%)
- check the news (46%)
- go on social media (38%)
This level of activity significantly increases the risk of hacking. It only takes one reused password or unsafe connection to hand hackers a VIP access card into your digital world – and your employer’s.
Sharing Isn’t Caring
Many of us have numerous logins to access work devices, platforms, shared files, etc., but as many as 24% of Brits have shared work passwords with a partner or family member. This increases the risk of passwords falling into the wrong hands, opening up the doors to sensitive business information. This is especially true as we tend to share multiple passwords across work and personal accounts. Once a hacker figures out at least one, they may have the master keycard that enables entry into the victim’s personal life as well as their employer’s.
The global study also found that we are using a multitude of devices to get our work done remotely, creating a massive headache for IT departments everywhere.
Since the start of the pandemic,
- Over half (54%) of Brits used their employer’s computer / laptop for work,
- A quarter (25%) have been using their personal computers, and
- 11% borrowed computers from family members of partners to work.
This can cause problems if you’ve logged into work documents, accessed client information and saved the details via a password manager. It’s so easy to click the button when prompted to “save password in keychain” for your online shopping and social media accounts. Potentially, anyone with access to the device has access to your logins. A worry for bosses as our own laptops may not have the latest security protection in place.
This would be OK if we changed our passwords regularly. But we don’t. Humans are the first line of defence to online attackers and one of the simplest things we can do is choose a secure password and change it regularly. But only 20% of Brits have changed work passwords within the last month. 43% haven’t changed their passwords in over 6 months. Staggeringly, some of us aren’t actually authorized to do so (9%) or the computer isn’t password protected in the first place (4%). These are some of the most basic steps people and businesses can take to keeping cyber thieves at bay.
As the number of hours we spend online has sharply increased, so has the number of phishing attacks. Scammers have taken full advantage of our increased reliance on remote technologies for work, including use of personal mobile phones for work matters and work devices for things like online shopping. For example:
- nearly half of Brits (48%) have been inundated by phishing attacks over the past six months, and
- 7% said they are being targeted at least once a week.
It’s not just via email, it’s through texts to our personal phones and calls to our work numbers, among other things. The sheer volume of online messages we are receiving and sending on a daily basis, coupled with the blur between work and home life, can expose us to these threats. Will you notice a misspelled link in an email? Or opt to re-set your account details on one of the popular ecommerce sites?
Who’s in your cyber bubble?
SailPoint is calling on employees and businesses to think about the composition of their respective cyber bubbles, not just their family and friend bubbles. Every time we surf the web using an unsecure WiFi connection, we risk coming too close to malicious cybercriminals for comfort.
Over a third (41%) of us use unsecure public WiFi when working, and 44% use unsecure connections when surfing the web for personal needs, creating a large cyber bubble comprised of complete strangers. Generation Z and the tail end of millennials (those aged 18-24) are much more carefree about their digital safety, with over a third (39%) admitting to sharing their passwords and compromising their cyber bubbles in other ways.
“The current level of cyber hygiene is quite worrying. We’d never think of leaving our house door unlocked or inviting a stranger in in for a cup of tea. Why do we treat our digital workspaces, both personal and professional, any differently? By easily giving away passwords or inadvertently inviting malicious actors in through unsecure WiFi connections, we are exposing ourselves to serious risk,” said Stephen Bradford, SVP EMEA at SailPoint. “Each of us must ask ourselves, ‘who am I in contact with and how far can my passwords spread?’ Businesses need to get a grip on the issue now before it spreads by stepping up their cybersecurity defences and training for staff. As the pressures of work and personal lives in the pandemic test our ability to multitask, existing cybersecurity training and processes typically aren’t enough. Innovative, predictive AI-enabled identity security technology is key to protecting people from making human errors, potentially leading to increased risk of cyberattacks and data leaks. If we aren’t careful, we could be facing a security crisis in the digital world.”
Read the full SailPoint report The Cybersecurity Pandora’s Box by visiting: https://www.sailpoint.com/identity-library/the-cybersecurity-pandoras-box-of-remote-work/