A recent study conducted by cybersecurity firm ESET has revealed an alarming trend: 90 per cent of employees are using their company-issued laptops for personal activities. This behavior presents significant risks to both individual and corporate security, particularly in the context of hybrid and remote work, where the separation between personal and professional lives is increasingly indistinct.
ESET’s research highlights that many employees engage in risky behaviors on their work devices, such as accessing adult content, gambling, and even browsing the dark web. Astonishingly, the survey discovered that 63 per cent of respondents admitted to accessing the dark web on their work laptops weekly, with 17 per cent doing so daily. These activities not only expose employees to potential cybersecurity threats but also put the company’s sensitive information at considerable risk.
The study identified younger workers, particularly those aged 16-24, and male employees as the primary groups engaging in these risky behaviors. This demographic was also more likely to connect to unsecured public Wi-Fi networks and use personal USB devices on work laptops, further exacerbating the security threats.
ESET’s Global Cybersecurity Advisor, Jake Moore, underscored the critical need for robust security protocols, especially in hybrid and remote work settings. While acknowledging the advantages of flexible work arrangements, Moore emphasised that companies must prioritise endpoint security and ensure employees receive proper training to manage the blurred lines between work and personal device usage.
Despite the obvious risks, many employees remain resistant to employer monitoring. Approximately 36 per cent of workers view their employer’s monitoring of personal activity on work laptops as an invasion of privacy. Furthermore, about 18 per cent of respondents admitted they did not have any cybersecurity software installed on their work devices, with an additional 7 per cent uncertain about their device’s security status.
As hybrid working becomes the norm, it is crucial for companies to establish clear guidelines and enforce stricter cybersecurity policies. This includes educating employees about the dangers of using work devices for personal purposes and implementing remote management tools to monitor and safeguard corporate data.
As the boundaries between work and personal life continue to blur, protecting sensitive company information and ensuring employee cybersecurity must remain top priorities for businesses in the digital era.