- Most businesses expect their employees to do work on personal mobile devices, report finds
- Employees are not expected to go through security courses
- Many firms don’t have guidelines for mobile device use
When it comes to mobile cybersecurity, most small and medium-sized enterprises (SME) are falling well short, a new report from CyberSmart has claimed.
The report found a significant majority (60%) expects their employees to use their personal mobile devices to carry out work tasks.
This is problematic for different reasons, but from a cybersecurity perspective, it’s problematic as businesses have no visibility into people’s personal devices, the apps they use, the websites they visit, or files they download, making securing the business network infinitely more difficult.
“Chronically underserviced”
To make matters even worse, employees are not being taught even the basics of cybersecurity, and no one is raising their awareness on the dangers lurking on the internet. In fact, almost two-thirds (60%) of staff members are not expected to carry out mobile security training, the report states.
“An organisation that allows employees to use personal mobile phones to carry out work without security training is massively increasing the chance of a security incident taking place across mobile devices,” CyberSmart noted.
Finally, many organizations (40%) have no guidelines whatsoever, on how their employees should (or should not) use their mobile devices.
“While these results are concerning, SMEs in the UK remain chronically underserviced by the cybersecurity industry” said Jamie Akhtar, Co-Founder and CEO at CyberSmart. “It is important to make the distinction that many of these organisations have limited resources and are already stretched thin making it difficult for them to invest in cybersecurity.”
Akhtar advises SMEs to “consistently focus” on cybersecurity training, IT policies, and fostering a more security-conscious culture, as that can result in a more secure workplace.