Up to 1 in 3 millennials are risking their workplace cybersecurity while on holiday

The activities of millennials have come under the microscope as a recent survey from Palo Alto Networks Trust has found that as many as 1/3 of them risk the cyber security of their workplace devices while vacationing. The Digital Age survey was carried out alongside YouGov and Dr Jessica Barker, an expert on the human aspect of cyber security. It discovered that many people from this generation are taking work smartphones or tablets on holiday with them and using them at WiFi hotspots. This is in spite of the fact that they are trained in the security risks inherent in unprotected networks.

By using free WiFi, users can make themselves vulnerable to hackers due to lack of security and high volumes of people using it. And when it comes to the use of workplace devices, the risk is that their employer’s entire systems could be breached through those devices if users aren’t taking the proper precautions. The research surveyed 2,100 people, and was carried out to explore the likelihood that people will put their trust in modern cyber security measures and practices.

The use of WiFi hotspots

Of the UK-based employees that took part, around 34% stated that they would use their devices from work in areas that offer free WiFi while on holiday. This could include restaurants, bars and beaches, where people may want to use their devices for leisure or to catch up on a bit of work when they get a chance. Of that group, 35% were millennials, making them the largest group defined by age to fall into this category.

Dr Jessica Barker commented on the findings, saying that many people blur the line between work and leisure time, and this “applies to our personal technology, too.” She noted that many employees are expected to take devices from work on holiday with them, or they want to do so, in order to keep up with emails and stay on top of their workload whilst they are away from the office. This is what’s leading to people making their devices vulnerable whilst on holiday, and the risk is something that employees need to understand.

The risks of unsecured WiFi

Dr Barker went on to speak about the importance of protecting your devices, both personal and work-provided, wherever you use them. She emphasised that there is a very real threat associated with unsecured WiFi, and that “raising awareness” of the gravity of this risk is absolutely imperative. It takes advantage of employees who have no intention of putting the security of their employers at risk, but who do so without knowing. Hacks through unsecured WiFi are quite prolific and can leave an organisation completely exposed with severe consequences in many cases. The types of attacks that happen through public WiFi include:

• Man-in-the-Middle (MitM) attacks: This is when the attacker places themselves between the point where data is sent and where it is received, enabling them to ‘read’ these data communications and capture private information.
• Malware distribution: Exploiting software weaknesses, hackers can write code that targets your systems through public WiFi and plant things like spyware or ransomware.
• Snooping and sniffing: With special software, cyber criminals can eavesdrop on vulnerable WiFi signals, enabling them to view your every online action. This includes any information you fill in, meaning they can capture login credentials and bank account details.
• Malicious hotspots: These WiFi access points disguise themselves as legitimate ones to trick people into connecting to them, granting them unrestricted access to your sensitive information.

When people need to access WiFi whilst on holiday, it is imperative that they do so via a corporate or trusted VPN. If this is simply not possible, then it’s far better to just leave your work behind and enjoy your holiday rather than risk causing a damaging cyber security breach. It’s as good an excuse as any to truly leave your work behind when you go on holiday, and focus on enjoying time with your loved ones.

Caution is key

A European threat intelligence analyst from Palo Alto Networks was very quick to reiterate the point about prioritising safety. He recommended that everyone is “extremely cautious” about utilising public WiFi networks, whether it’s through a work-issued device or a personal one. He described the findings of the study as “worrying”, noting that it suggests there are far too many people willing to overlook their own company policies on acceptable use. He did, however, say that it is “encouraging” that this is an issue that can be addressed by companies taking steps to educate their employees on cyber security best practice.

It is also worth noting that companies must consider this education for their employees as an ongoing process. The world of cyber security is an ever-changing one, so it’s vital for employees to have the most relevant, up-to-date information about best practice. Software teams also need to be kept informed of the latest developments in cyber security, to ensure they follow the right protection procedures at all times.

If your business provides employer-issued devices to staff, you can work with a consultancy to help ensure your organisation is not at risk of data breaches that occur in this way.

CARA Technology are specialists in outsourced IT services, and can advise on how best to keep your company’s cyber threats to a minimum, so give us a call and we’ll have a discussion about your needs.