Laptop users cited as high security threat

4 Nov 2004

Many laptop users in Europe are exposing their employers to legal or financial damage and risk having their personal data captured, a survey has found.

The European Laptop Liabilities’ Survey , an independent report undertaken by Dynamic Markets on behalf of software provider Websense, shed light on several activities that can reduce IT security. Amongst the findings, employees admitted to downloading non work-related software, allowing people outside of work to use their laptops, browsing peer-to-peer websites and downloading illegal music files and movies.

These activities can increase the chances of users coming into contact with malicious code such as Trojan horses, viruses and spyware, which could then be spread through a company network when the laptop is connected to it. Downloading software remotely can reduce the effectiveness of network-based security measures such as firewalls because laptop users would effectively bypass these checks. In the process, business and personal data could be exposed to keyloggers and other threats include hacking attempts and phishing attacks.

Almost half of workers in the survey (46pc) said that people access their corporate laptop outside the workplace; 22pc admitted they had “no idea” who actually uses it and for what purpose.

More than eight out of 10 employees (86pc) said they downloaded non-work-related software when out of the office. Just under three quarters of respondents admitted to not always reading the terms and conditions when downloading software from the internet. In a related finding, 15pc of users discovered software on their computers that they did not download.

Just over half of the companies surveyed (55pc) said they manage employees’ internet access on corporate laptops. Only a quarter enforce these policies physically and 30pc rely on their employees adhering to written policies, the survey found.

One in 10 people expressed concern that their company may face prosecution for breach of copyright resulting from employees downloading illegal music files and movies. A slightly higher number, 15pc, said they worried about being prosecuted themselves.

Laptop users represent a growing group as more businesses make the switch from desktop PCs to notebooks and portables. Research firm IDC has forecast that there will be almost 100 million business laptop users in Europe by 2007. Websense said that an effective mobile security policy was important for any organisation looking to offer remote or mobile working to its staff.

Geoff Haggart, European vice-president for Websense, commented: “Our survey shows that mobile workers are unaware of many of the hidden dangers of the internet. Not only do they not fully understand the risks of their internet surfing activities; more worryingly, they are leaving themselves and their employers open to attack from all manner of malicious content. Companies need to educate and empower employees with the knowledge to manage their laptop internet habits to ensure safer surfing — both in the office and at home.”

By Gordon Smith