Workers are putting their companies at risk by downloading software without permission

logic of work
(Image credit: Logitech)

New figures from Armis Research show that British workers are often putting their companies at risk by downloading software that’s not permitted or authorized by their employers, but it’s not exactly their fault.

Workers in two-thirds (67%) of the organizations studied were found to be introducing risk by downloading applications or software onto their hardware without their IT or security teams being in the know.

Armis reckons a lack of policy enforcement is to blame, but many businesses are evading the blame, too, with one in three (39%) complaining that the UK’s “increasingly complicated regulations and governance requirements” are too confusing or challenging.

Businesses need better device management, says report

With two in five (39%) of the UK’s participating organizations suffering from a security breach as part of a cyberattack in the past one year alone, clearly some work needs to be done to minimize risks.

Currently, more than one-third (39%) expressed a lack of complete visibility over company-owned assets, which grew to three-quarters (77%) in the case of employee-owned devices.

The study found gaps in the enforcement of bring-your-own-device (BYOD) policies, with only half (51%) actually enforcing such a policy across all workers. The majority (69%) of the study’s participants agreed that their organization needs to introduce and enforce better, clearer policies and procedures in order to tackle security risks.

Companies with adequate policies aren’t in the clear, either, because one in four (25%) UK cybersecurity teams say that they’re overwhelmed by the information they collect. Armis Research says that only half (51%) of the threat intelligence information collected is actionable, and 45% to 48% of processes are yet to be automated.

Armis CISO Curtis Simpson said: “Lack of policy enforcement can contribute to gaps requiring urgent remediation while also further complicating an organisation's attack surface.”

UKI Regional Director David Critchley added: “Organisations need to prioritise security across the entire organisation, including employee-owned devices, to mitigate risk,” calling out the need for automation to help bridge the global security skills gap.

More from TechRadar Pro

Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

Read more
Giant eye watching at man working at the computer. Surveillance, hacking, internet security concept. Flat vector illustration.
85% of UK employers admit to spying on their employees – and workers aren't happy
Security
Removing software supply chain blind spots that put public sector organizations at risk
Classroom
Many schools still don’t have basic cybersecurity measures, research reveals
Stress
Complexity of IT systems could be increasing security risks for businesses
IT
Need to shine a light on shadow IT? Start with process
An American flag flying outside the US Capitol building against a blue sky
US military and defense contractors hit with Infostealer malware
Latest in Security
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Abstract image of cyber security in action.
MassJacker malware targets those looking for pirated software
Latest in News
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 16 (game #1147)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 16 (game #378)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 16 (game #644)
Three iPhone 16 handsets on show
Apple could launch an iPhone 17 Ultra this year – but we've heard these rumors before
Super Mario Odyssey
ChatGPT is the ultimate gaming tool - here's 4 ways you can use AI to help with your next playthrough