A full 90% of parents who have work computers said they have taken them home and used them for non-work related purposes, and 37% of these said they let their teens use them as well, according to a survey of 1,070 adults and teenagers in GFI’s 2011 Parent-Teen Internet Safety Report.
“Because we have so many workers taking home corporate laptop and letting their teens use them in a less secure computing environment before taking them back into the enterprise, there are significant problems there that IT managers ought to be thinking about”, observed Eric Howes, research business analyst with GFI Software’s Security Business Unit.
“What are teens doing online? They are not just completing work on their science fair projects….Teens are visiting social media sites, such Facebook, Twitter, and other similar sites. Those sites…are absolute cesspools when it comes to malicious software and malicious scripts”, Howes told Infosecurity.
The survey found that only 36% of parents used web monitoring or web filtering software to keep tabs on their teens’ activities online and to block inappropriate content.
“When the laptop leaves the enterprise and goes home, and it ends up being used by teenagers of these employees, that laptop is coming into some significant dangers areas”, Howes warned.
The report found that 76% of parents and 77% of teens said that they were “very” or “somewhat” confident that they would not be infected by a virus. Yet, 65% of parents said that a virus had infected at least one of their home computers, and 47% of teens said they had been infected by a virus while using a computer at home.
“There is an apparent complete disconnect with people’s reported experience with security online. A significant portion of them admit to having been infected…and yet almost three-quarters of them say that they are confident they can avoid malware”, Howes said.
In addition, the survey found that only 28% of parents who have anti-virus software said they update their virus definitions daily, and 24% were unsure if they are updating these definitions at all.
“Users generally are not very good at keeping their anti-virus (AV) programs up to date with the latest definitions. An AV program is only as effective as its last set of definitions”, Howes said.
“When those laptops leave the enterprise and go home with employees, they are encountering a very different security situation. Compare that to a typical enterprise security environment, which is not perfect but has a lot more going for it than the typical home user”, he concluded.