Teleworking and BYOD as a security risk

Teleworking and BYOD as a security risk

Share post

A specialist in endpoint and cloud security, today released its new report, The State of Remote Work Security. The company's goal is to educate IT and security leaders about the growing threats associated with telecommuting (remote work) and BYOD (bring your own device) policies.

The results of the study make it clear that in remote and hybrid work, private and professional tasks are merging and the boundaries between the two areas have become more permeable. Lookout data shows that 32 percent of remote and hybrid workers use apps or software that aren't approved by IT. 92 percent of teleworkers complete work tasks on their personal tablet or smartphone devices. These devices, apps and software, as well as the corporate data being accessed, are not visible to the IT department, dramatically increasing the risk for organizations. Lookout released the study report today on the first-ever Lookout World Cloud Security Day.

The modern office outside the security perimeter

The cloud has become an important backbone for most businesses. In 2020, 61 percent of US organizations had moved their workloads to the cloud - prompted by the global pandemic and the need to quickly support remote work. In 2022, 60 percent of all company data will be stored in the cloud.[1]

While remote employee access to corporate data in the cloud offers flexibility and potential productivity gains, it can also increase risk for organizations when combined with BYOD. Because these devices are unlikely to be managed by IT, organizations have little visibility into the devices or control over potential threats. This applies to vulnerabilities in the operating system and apps, as well as the types of apps that have access to company data or phishing attempts. As organizations continue to move their applications to the cloud, IT no longer needs to just grant access to users based on device health. Instead, it must address how to extend access control policies to ensure the secure use of corporate data stored in those applications.

Remote workers and data security

The additional results of the study show that the following behaviors of remote workers pose an increased data security risk for companies:

  • 90 percent access corporate networks from locations other than where they live, an average of five different locations. This poses security risks as corporate data could be exposed across multiple networks that are not monitored by the IT department.
  • 46 percent have a work file stored on their personal device instead of their employer's network drive. Personal device operating systems are far more likely to be outdated, which means they are not protected against the latest security vulnerabilities and malware.
  • Almost one in three Teleworkers use their personal tablet or smartphone more than 20 hours a week for work. Personal devices often host dozens of unauthorized apps that malicious actors can use to launch phishing attacks.
  • 45 percent use the same password for work and personal accounts. Due to password reuse, a user's accounts are vulnerable to cybercriminals. This increases the risk of identity theft and sensitive data being stolen from the company.

All of these behaviors show that organizations need a whole new approach to security that keeps up with the way remote users access data and collaborate with one another.

Increasing the attack surface for businesses

"The rise of remote working has brought more choices and flexibility for many people, but unfortunately also a massive increase in the attack surface for businesses," said Sundaram Lakshmanan, Lookout's chief technology officer. “IT teams most of the time have no control over the networks their employees connect from, exponentially exposing both users and corporate data to internal and external threats. Lookout provides tools that enable organizations to protect their users and devices while enforcing adaptive security policies. This allows organizations to protect access to data stored in those business applications from both internal and external threats. This is the motivation behind Lookout World Cloud Security Day – managing this shift is essential for any organization with a fully decentralized or hybrid work environment.”

More at


About Lookout

Lookout co-founders John Hering, Kevin Mahaffey, and James Burgess came together in 2007 with the goal of protecting people from the security and privacy risks posed by an increasingly connected world. Even before smartphones were in everyone's pocket, they realized that mobility would have a profound impact on the way we work and live.


Matching articles on the topic

Cybersecurity platform with protection for 5G environments

Cybersecurity specialist Trend Micro unveils its platform-based approach to protecting organizations' ever-expanding attack surface, including securing ➡ Read more

Data manipulation, the underestimated danger

Every year, World Backup Day on March 31st serves as a reminder of the importance of up-to-date and easily accessible backups ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

Windows operating systems: Almost two million computers at risk

There are no longer any updates for the Windows 7 and 8 operating systems. This means open security gaps and therefore worthwhile and ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

DSPM product suite for Zero Trust Data Security

Data Security Posture Management – ​​DSPM for short – is crucial for companies to ensure cyber resilience against the multitude ➡ Read more

Data encryption: More security on cloud platforms

Online platforms are often the target of cyberattacks, such as Trello recently. 5 tips ensure more effective data encryption in the cloud ➡ Read more