NEW DELHI : Indian companies face high risks of hacking as many employees are using unregistered devices to connect to company networks in a covid-induced remote working environment, according to a study by US networking giant Cisco.
The study covered 6,700 security professionals from 27 countries, including 1,000 in India, and found that more than 95% respondents said employees are using unregistered devices to connect to work platforms.
“While BYOD (bring your own device) creates better convenience for employees as we’ve seen over the last 2-3 years, it has put thousands of unregistered devices on corporate network and it is more about the maturity of a company on how it invests in security solutions, create policies and give access to employees and other stakeholders,” said Rahul Aggarwal, cyber security expert and partner at PwC.
In a company’s network, registered devices include laptops and mobile phones that have been verified by IT teams and have the right kind of security tools built-in to ensure security. They do this using digital certificates that allow computer systems to verify a device.
Unregistered devices, on the other hand, include personal laptops and mobile phones, which may not have been verified. Such devices are often used by entire families, and may have vulnerabilities that hackers can exploit.
When employees use such devices to connect to company systems, attackers can use the vulnerabilities to exploit those systems.
There are multiple risks associated with logging in from unregistered devices, the study said.
About 82% respondents in the Cisco study have said that their employees spend more than 10% of the day working from these unregistered devices that often have backdoors and other vulnerable software that can get into work platforms and affect firms.
Vishak Raman, vice president of sales, India and Saarc, at cyber security solutions firm Fortinet, said devices connecting to a company’s network need to be monitored.
Indian firms have faced a surge in cyberattacks since the covid outbreak. A December 2022 report by virtual private network (VPN) provider NordVPN, found 12% of all user data found in cybercrime marketplaces (sold on dark web) belonged to Indians.
Another report, published in September 2022 by security firm Trend Micro, found that 75% of Indian firms have been hit by ransomware attacks since 2019.
Experts also believe that other than monitoring devices, companies also need to have an “incident response plan”, which basically allows them to respond quickly to any hack. This includes having a plan for responding to all eventualities regarding a breach, including isolation, investigation, and remediation, is vital to mitigating the damage an attack can cause.
Download The Mint News App to get Daily Market Updates & Live Business News.