How employees are misusing corporate smartphones and tablets
Work devices are being increasingly abused
Smartphones and tablets are now integral to the way many businesses run. They underpin mobile working which in turn boosts productivity and enables the flexible working patterns that are helping businesses attract top staff, keep people motivated and drive efficiencies throughout organisations.
As a result, many businesses provide their employees with top of the range smartphones and tablets, meaning consumer communication tools have rapidly become part of enterprise and SMB collaboration ecosytems.
Nominally, these devices are for emails and secure enterprise apps. However, some of the best-known uses are also Skype, WhatsApp, Google Hangouts, Apple's FaceTime and Facebook Messenger. All of these contribute to a portfolio of communications tools that help tap into a consumer landscape where everything is instant, collaborative and shareable – and this is without doubt helping to propel businesses forward.
Mobile mischief
But it turns out people are also using their work devices to get up to mischief. We researched employees to find out some of the more salacious activities they get up to on their corporate phones and tablets, and the results made interesting reading. More than half (53%) of respondents use their work devices for personal activity, from shopping to social networking, gaming and pornography. Indeed, 3% admitted to having 'sexted', taken compromising photos of their partner or installed a pornography app on their device. 5% have also watched or listened to pirated material and 2% have used the popular dating app Tinder.
The research highlights that a significant number of people are blurring the lines between corporate and personal devices, and this is further demonstrated by the fact that 28% admitted to having taken a work device on a night out. But this consumerisation of work devices could be putting corporate data at risk.
Work devices are a portal to company data and the more people treat them like personal phones, the more at risk a company is. Data can easily be leaked through loss or theft. If you're taking your phone on a night out to a bar or a restaurant, you could be more likely to leave it behind or have it stolen than if it was resting in your laptop bag at home.
Crazy capers
Added to this consumerisation-fuelled risk is the fact that people will do almost anything to get their hands on these top-end devices and the data on them. Here at Absolute Software, we have seen some crazy examples when working with businesses to retrieve smartphones, tablets and laptops.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
There was the neighbour who excavated through his neighbour's attic wall to burgle devices from the house. There was a hotel bell hop stealing laptops from luggage. There was an incident with a local council IT employee who was identified as a laptop thief to the police, who then discovered his whole house full of council IT property.
Data and device loss is not to be sniffed at, with the ICO empowered to fine companies up to £500,000 for breaches of the Data Protection Act. Indeed in March, data protection law specialist Kathryn Wynn of Pinsent Masons claimed that the UK government should consider raising the level of fines that the ICO can impose, as it would drum home the importance of data security even more.
Education and security policy
All this considered, businesses need to look into how they educate staff and manage the use of corporate devices to avoid being stung, both financially and in terms of reputation. Employees must be informed about data security and this comes from an understanding of the consumerisation of IT throughout the hierarchy of a business. The more a business understands the risks out there, and the potential impact on the company, the easier it will be to work together with employees to create a secure environment.
However, data protection shouldn't just stop at education. Any initiative like this must be coupled with strong security policies and the right tools for securely tracking and managing every device that has access to your corporate network.
These two simple steps will help you protect data by reining in some of the more mischievous use of corporate devices, while also enabling mobile working.
- Stephen Midgley oversees all aspects of global marketing and product management at Absolute Software, including corporate communications, product marketing, demand generation, and the company's presence on the web.