Survey Suggests Remote Workers’ Behavior Adds Security Risk to Employers’ Business

The COVID-19 generation of remote workers is admitting to playing a significant part in increasing the cybersecurity risks facing their companies. New AT&T* research shows 54 percent of remote workers regularly use their work devices for personal purposes, including sharing work equipment with family members.

The survey, conducted by Opinium, questioned 3,000 workers in Germany and the United Kingdom who are working remotely to combat the COVID-19 pandemic. More than a third of those questioned admitted to using work equipment to connect to smart home devices (35 percent) such as voice assistants (14 percent) smart speakers (14 percent), fitness monitors (13 percent), smart lighting (12 percent) and smart kitchen appliances (12 percent).

The data clearly show workers understand the problem. Two-thirds said they are more aware of cybersecurity threats since shifting to home working. Nearly half believe they personally (49 percent in the UK; 38 percent in Germany) and their companies (52 percent in the UK; 42 percent in Germany) are at increased risk of cyberattacks. Fifty-five percent have been the target of a cybersecurity threat while working remotely over the past year, and nearly a third of those surveyed said their company isn’t doing enough to protect them from cybersecurity threats.

Yet when it comes to taking responsibility, two in three remote workers say that practicing good cybersecurity at work is challenging; citing a lack of adequate training or technical support; lack of prioritization by senior management; and it takes too much time/is too much hassle. One in five employees says there is no way they could be encouraged to care about cybersecurity risk.

While many businesses did introduce new cybersecurity measures to mitigate risks since the onset of COVID-19, employees indicated that many employers have not taken basic steps to improve cybersecurity. One in three say their company hasn’t implemented additional login protocols to protect from web-based threats and half have not required any additional cybersecurity training since shifting to remote working.