{"id":29989,"date":"2020-06-09T06:00:01","date_gmt":"2020-06-09T12:00:01","guid":{"rendered":"https://www.webroot.com/blog/?p=29989"},"modified":"2023-08-31T07:32:49","modified_gmt":"2023-08-31T13:32:49","slug":"your-data-their-devices-accounting-for-cybersecurity-for-personal-computers","status":"publish","type":"post","link":"https://www.webroot.com/blog/2020\/06\/09\/your-data-their-devices-accounting-for-cybersecurity-for-personal-computers\/","title":{"rendered":"Your Data, Their Devices: Accounting for Cybersecurity for Personal Computers"},"content":{"rendered":"\n

Nestled within our chapter on malware in the 2020 Webroot Threat Report is a comparison of infection rates between business and personal devices. The finding that personal devices are about twice as likely<\/em> as business devices to become infected was always significant, if not surprising. <\/p>\n\n\n\n

But the advent of the novel coronavirus\u2014a development that followed the publication of the report\u2014has greatly increased the importance of that stat. <\/p>\n\n\n\n

According to a joint study<\/a>\nby MIT, Stanford, and the National Bureau of Economic Research (NBER), more\nthan a third (34%) of Americans transitioned to working from home as a result\nof COVID-19. They join approximately 14.6% of workers already working from home\nto bring the total to nearly half<\/em> the entire American workforce. <\/p>\n\n\n\n

During remote work many employees are forced or simply able\nto use personal devices for business-related activities. This presents unique\nsecurity concerns according to Webroot threat analyst Tyler Moffitt. <\/p>\n\n\n\n

“In a business setting,” he says, “when\nyou\u2019re given a corporate laptop it comes pre-configured based on what the IT\nresource considers best practices for cybersecurity. This often includes group\npolicies, mandatory update settings, data backup, endpoint security, a VPN, et\ncetera.\u201d<\/p>\n\n\n\n

Individuals, on the other hand, have much more freedom when\nit comes to device security. They can choose to put off updates to browser\napplications like Java, Adobe, and Silverlight, which often patch exploits that\ncan push malvertising<\/a>.\nThey can opt to not install an antivirus solution or use a free version. They\ncan ignore the importance of backing up data altogether.<\/p>\n\n\n\n

These risky practices threaten small and medium-sized\nbusinesses (SMBs) both immediately and when workers gradually return to their\nshared office spaces as the virus abates. <\/p>\n\n\n\n

As our report notes, “With a higher prevalence of\nmalware and generally fewer security defenses in place, it\u2019s easier for malware\nto slip into the corporate network via an employee\u2019s personal device.”<\/p>\n\n\n\n

What\u2019s at stake, for SMBs, is the loss of mission-critical\nbusiness data due to device damage, data theft via phishing and ransomware, and\nGDPR and CCPA fines for data breaches. Any of these threats on their own could\nbe existential for SMBs. <\/p>\n\n\n\n

What can businesses do to prevent BYOD-enabled data loss?<\/h2>\n\n\n\n

\u201cSuper small\nbusinesses may not have the luxury of outlawing all use of personal devices,\u201d\nsays Moffitt. \u201cBYOD is a fact of life now, especially with so many individuals at\nhome, using home computers.\u201d<\/p>\n\n\n\n

But employers aren\u2019t\nout of luck entirely. They can still purchase for their employees, and\nencourage the use of, several essential security tools. These include:<\/p>\n\n\n\n