New research from the data recovery specialists[1] at Kroll Ontrack reveals how companies that don’t regulate employee usage of business devices with effective IT policies are putting data security at risk.
The research highlights that in the last year, 38 percent of UK employees downloaded personal files, while 29 percent of employees installed personal apps or programs on devices that they also use for work.
Five percent of people used P2P file sharing services, such as BitTorrent and Gnutella; the same percentage temporarily disabled firewall/antivirus software at one point or another; and 4 percent of workers cancelled antivirus scans on these devices.
Kroll Ontrack warns that while many of these activities may seem secure, using P2P file sharing services and installing third-party apps can put a device in the path of dangerous malware or viruses. Such activities may damage or corrupt devices, especially if protective software is disabled or not kept up-to-date.
This poses a major risk to data security with research highlighting that in the last year, around one in three (32 percent) devices in both personal and work environments became corrupted to the point where work information was irrecoverable.
Paul Le Messurier, Programme and Operations Manager at Kroll Ontrack, commented: “As the line between work and personal life continues to blur, employees will increasingly conduct personal activities on a device they also work on. This will raise a number of issues for organisations, from data security to productivity uncertainties.
“As such, businesses must look to protect their assets, both digital and physical. Employers must educate employees on what activities are acceptable, develop a simple but thorough IT usage policy, and ensure backups are in place and up-to-date for when disaster does strike.”
[1] ICM interviewed 1,151 UK employees between 18th and 20th July 2014
About Kroll Ontrack Inc.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.