1

New research from ISACA suggests that US consumers with 'work-supplied' computing devices intend, on average, to spend nine hours shopping for gifts on them during the forthcoming holiday season. When it comes to the Bring Your Own Device (BYOD) brigade, those who use personal mobile devices for work, that average goes up to 12 hours.

dweb-shopper According to ISACA’s 2012 IT Risk/Reward Barometer, those who mix their time between work-supplied computers and their own mobile devices will happily reveal email addresses (58%) and mother's maiden name (15%) in order to garner a 50% discount on a $100 item. This behavior leaves them open to targeted fraud and social engineering attack, and exposes their employers to a greater risk surface for good measure.

And they know it, or at least the majority would appear to as 53% agreed that they felt sharing information online had become much riskier over the last 12 months. Not that you would realise it from their actions when the research also reveals that 65% don't bother to verify the security settings of online shopping sites; 36% have link-clicked from social media sites using their work devices; 19% use work email addresses for personal activities such as online shopping; 12% store work passwords on personal devices and 11% use cloud-based services to store work-related documents without their company’s knowledge or consent.

What's more, half of the IT professionals questioned reckon that the risk of BYOD outweighs the benefits. "Companies that embrace BYOD should implement security awareness training" said Robert Stroud, ISACA Strategic Advisory Council member and vice president at CA Technologies. "ISACA recommends an embrace-and-educate approach as the best way of getting the benefits of BYOD while mitigating the associated risks."

John Pironti, an ISACA advisor and president of IP Architects LLC, says "the 2012 IT Risk/Reward Barometer shows a significant gap between what people believe and how they act. Despite considerable concern about their online privacy and security, consumers are simply not willing to give up behaviors that IT departments find to be high-risk. Enterprises need to balance employee reward and IT risk when it comes to mobile connectivity."

ISACA has also conducted another survey which reveals that businesses, on average, will lose at least $15,000 in productivity as a direct result of employee online shopping habits during work time according to some 37% of those questioned. Nearly a quarter of those asked firmly believed that the average employee will spend in excess of two whole days shopping online at work using a personal device.

Edited by happygeek: unstuck

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

2
Contributors
1
Reply
6
Views
5 Years
Discussion Span
Last Post by LastMitch
0

ISACA has also conducted another survey which reveals that businesses, on average, will lose at least $15,000 in productivity as a direct result of employee online shopping habits during work time according to some 37% of those questioned.

That's not going to change anytime soon. Employees will keep window shopping during lunch or down time at work.

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.