Working remotely fuels personal use of company devices in the UAE

According to a survey by Mimecast Limited, an email security and cyber resilience company, 87 percent of UAE respondents extensively use their company-issued device for personal matters, with two-thirds (66 percent) admitting to an increase in frequency since starting to work remote.

The most common activities were checking personal email (57 percent), carrying out financial transactions (59 percent) and video calls with friends and family (50 percent).

The State of Email Security 2020 report also said that personal email and browsing the web/shopping online were already two areas of major concern for IT professionals.

In the Middle East, 66 percent of respondents said there was a risk to checking personal email as the cause of a serious security mistake, and 65 percent thought surfing the web or online shopping could likely cause an incident.

Earlier this year, an urgent request for IT teams across the globe was to ensure the efficient issuance of laptops and other computing devices to employees, as much of the workforce started working remote due to the novel coronavirus pandemic.

A key priority for IT professionals was to then ensure their IT and security policies were ready for the rush to remote work.

Encouragingly, all of the respondents in the UAE claim to be aware that links in email, on social media sites and on websites can potentially infect their devices while 81 percent have even received special cybersecurity awareness training related to working from home during the pandemic.

However, despite the majority of respondents stating that they’ve had special awareness training, 61 percent still opened emails they considered to be suspicious and 50 percent of the respondents admitted to not reporting suspicious emails to their IT or security teams.

“This research shows that while there is a lot of awareness training offered, most of training content and frequency is completely ineffective at winning the hearts and minds of employees to reduce today’s cyber security risks,” said Josh Douglas, vice president of threat intelligence.

“Better training is crucial to avoid putting any organization at risk. Employees need to be engaged, and trainings need to be short, visual, relevant and include humour to make the message resonate.”

“Security professionals need to ensure their organization isn’t growing more exposed as threats evolve to better target the unsuspecting,” added Douglas. “With everyone’s home becoming their new office, classroom and place of residence, it’s not really a surprise that employees are using their company-issued devices for personal use. However, this is also a big opportunity for threat actors to target victims in new ways.”

In the UAE, 92 percent of men reported using their corporate device for personal business versus 75 percent of women

Respondents averaged 2.5 hours of personal activity on their work devices a day, above the global average of 1.9 hours. Over a third clocked more than 3 hours of non-work-related screen time, against a global average of 22 percent.

In the UAE, 92 percent of men reported using their corporate device for personal business versus 75 percent of women.