Report: 97% of executives access work accounts on personal devices

laptop keyboard and cellphone next to plant

Image via Unsplash

According to a new report, the majority of executives are using their personal devices for work, creating a “backdoor” for cyber criminals to access large enterprise organizations.

The 2023 Not (Cyber) Safe For Work Report, released by Agency, reveals that 97% of respondents access work accounts on their personal devices and 95% use personal devices for work-related multifactor authentication, creating unexpected vulnerabilities as their personal devices are now being used as a work device by their employer for second-factor authentication in order to access sensitive company data.

The report was commissioned by Agency using a quantitative survey of 500 executives from companies with 500-plus employees with splits across age, gender, region, title and industry, conducted by OnePoll in Spring 2023.

Key report highlights

97% of respondents access work accounts or applications via their personal devices, with 99% of C-level respondents accessing work accounts from personal devices.
95% of respondents use personal devices for work-related multifactor authentication.
89% of respondents say companies should provide cybersecurity software for employees' personal devices.
88% of respondents sometimes or often receive work-related spam or phishing on personal accounts, with respondents from mid-size companies (700-999 employees) more likely to receive work-related spam than those from larger companies (1,000-3,999 employees).
80% of respondents say it would be an invasion of privacy if their company were able to monitor the use of their personal devices.
80% of C-level respondents are likely to send work-related messages, i.e., emails or texts, from their personal devices — more than any other group — with 74% of respondents overall sending work-related messages from their personal devices “frequently/often.”
75% of respondents say their company has been the target of cyberattacks in the past, with the industries receiving the highest number of attacks including Information Research and Analysis (100%), Teaching and Education (89%), Engineering and Manufacturing (81%).
Almost three-quarters (73%) of respondents would allow their employers to install company software on their personal devices for the purpose of providing security, even if it meant they could see all their activity.
58% of respondents say their spouse/partner has physical access to their personal devices, as well as children (38%), friends (18%) and parents (10%), with only 30% of all respondents saying no one else has access to their personal devices.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.