Two in five employees are not sure what a mobile phishing attack is
The COVID-19 pandemic presents a significant challenge for businesses around the world as it seems their dispersed workforce have little regard for IT security and mobile phishing - a threat vector being increasingly used to target remote workers.
The COVID-19 pandemic has clearly changed the way people work and accelerated the already growing remote work trend. This has also created new security challenges for IT departments, as employees increasingly use their own personal devices to access corporate data and services.
The "Everywhere Enterprise" – in which employees, IT infrastructures, and customers are everywhere – has led to employees not prioritizing security in their new world of work.
Mountain View,CA-based mobile security platform MobileIron has looked at the impact that lockdown has had on employees working habits. It polled polled 1,200 workers across the US, UK, France, Germany, Belgium, Netherlands, Australia, and New Zealand.
The COVID-19 lockdown may have signalled the end for office working as we know it, as businesses shift towards the new way of working.
The study showed that over four out of five (82%) of global participants agree they do not want to return to the office full-time, ever. This is despite despite one in three (30%) employees claiming that being isolated from their team was the biggest hindrance to productivity during lockdown.
The current distributed remote work environment has also triggered a new threat landscape, with malicious actors increasingly targeting mobile devices with phishing attacks.
These attacks range from basic to sophisticated and are likely to succeed, with many employees unaware of how to identify and avoid a phishing attack. Over two in five (43%) of employees are not even sure what a phishing attack is.
Two in three (66%) agree their employers have the right solutions and technologies in place to allow them to work from home, and 72% of employees agree that their mobile device has been important to ensuring their productivity during lockdown
There are four types of people who are adapting to the working from home environment:
Hybrid workers split time equally between working at home and going into the office for face-to-face meetings. Although they like working from home, being isolated from teammates is the biggest hindrance to productivity.
They depend on a laptop and mobile device, along with secure access to email, CRM applications and video collaboration tools, to stay productive. They believe that IT security ensures productivity and enhances usability of devices, however, they are only somewhat aware of phishing attacks.
Mobile workers work constantly on the go using a range of mobile devices, such as tablets and phones, rely on public Wi-Fi networks, remote collaboration tools, and cloud suites for work. They view unreliable technology as the biggest hindrance to productivity as they rely on mobile devices.
They view IT security as a hindrance to productivity as it slows down the ability to get tasks done. They also believe that IT security compromises personal privacy. They are the most likely to click on a malicious link due to a heavy reliance on mobile devices.
Desktop workers find being away from teammates and working from home a hindrance to productivity and can't wait to get back to the office. They prefer to work on a desktop computer from a fixed location than on mobile devices.
They rely heavily on productivity suites to communicate with colleagues in and out of the office, and view IT security as a low priority for the IT department to deal with. They are only somewhat aware of phishing attacks.
Frontline workers work from fixed and specific locations, such as hospitals or retail shops. They rely on purpose-built devices and applications, such as medical or courier devices and applications, and are not as dependent on personal mobile devices for productivity as others.
They realize that IT security is essential to enabling productivity, and can not afford to have any device or application down time, given the specialist nature of their work.
Brian Foster, SVP Product Management, MobileIron. "Hackers know that people are using their loosely secured mobile devices more than ever before to access corporate data, and increasingly targeting them with phishing attacks.
Every company needs to implement a mobile-centric security strategy that prioritizes user experience and enables employees to maintain maximum productivity on any device, anywhere, without compromising personal privacy."
Mobile devices now play a more critical role than ever before in ensuring productivity, so securing mobile devices, apps, and users should be every CIO's top priority.
If only they had the time to focus on security instead of trying to keep their business going.