Sharing devices at work could be your company’s biggest security risk

Managers are to blame more than employees

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Despite numerous warnings, senior management is still sharing their corporate devices with their colleagues and coworkers, often risking the security of the entire organization, new research has found.

A report from NordVPN claims people working in senior positions are five times more likely to share their work devices than employees, with HR managers (in the US), and Chief Technical Officers (in the UK) the most likely culprits.

Despite the majority of managers (87%) making sure to secure files on their personal devices (usually throughfull-disk encryption), insider threats are still responsible for 60% of data breaches.

NordVPN says there may be multiple reasons why managers willingly risk company’s security by sharing their devices, with convenience topping the list, as management often needs to share information with their teams quickly, and also often relies heavily on assistants and other supporting staff to manage practical issues.

Consequently, handing over a device to another worker may even make sense, in the moment.

Another reason may be due to management having greater access to better devices with greater functionality, and then feeling that they need to pass this on to their employees.

Risky business

Risky business

NordVPN says such examples should be a warning against sharing devices with anyone within a business. Insider threats are responsible for almost two-thirds of all data breaches, and by sharing a device with other people, identifying the insider threat that caused the cybersecurity problem becomes infinitely harder.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

SMBs and other organizations should also have clear and concise cybersecurity policies and make sure to train their employees often, in order for them to follow those policies. Regularmonitoringof both the gear and systems employees use should also be part of those cybersecurity policies, it was added.

Finally, all workers should make sure they create sophisticatedpasswords, upgrade their software regularly, and periodically back up and encrypt important data. Adding a complete set of cybersecurity tools, including aVPN, into the mix, is also recommended.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well