Virtual private networks (VPNs) are becoming mainstream, with 65% of 1,000 American respondents in a recent survey saying that they used one on a corporate and/or personal device.
The survey, included in Wombat Security’s 2017 User Risk Report, also found that results lagged in the UK; just 44% of 1,000 respondents in Britain said they used a VPN.
Also, almost a quarter (23%) of UK respondents said they knew what a VPN was, but chose not to use one – compared to only 16% in the US. About a third (33% of UK respondents did not know what a VPN was at all), compared to 19% in the US.
“Given that VPNs have gained a lot of traction in both the corporate and consumer sectors, we were surprised to see the significant differences between US and UK adoption rates,” the report noted. “But we were even more surprised by the number of employees who either do not know about this technology or are actively choosing not to use it.”
The discrepancy could be linked to a disparity in device usage. The report also found that 71% of those surveyed in the US use a personal device at home to do work, compared to only 39% in the UK.
Those that are blurring the work-home line use the same device they log into corporate networks with to check email, log onto social media, shop, stream video, play games and catch up on the news—all opportunities for bad actors to compromise one’s machine. For example, any website may be a spoofed fraudulent website set up by hackers to steal the data. VPNs encrypt data shared online into a safe tunnel, but users need to be careful and identify fraudulent sites – for example, the correct payment gateway will always have https URL.
“Clearly, organizations show a measure of trust when they provide devices like laptops and smartphones for their employees to use inside and outside the office,” Wombat said. “Is that trust misplaced? We asked those who do regularly use corporate-issued devices outside the office to identify the types of personal activities they do on those devices. Though there are some similarities, UK employees are again less likely to mix business and pleasure.”
Have you registered for Infosecurity North America taking place in Boston, 04-05 October 2017? For the full agenda, speaker list and more information, please visit https://www.infosecurity-magazine.com/conferences/infosecurity-north-america/