skip to main content

2,621 shops listed | Last updated: 24 May 2022

Monitor Add a site

Employees put businesses at risk by shopping online

11 November 2010 - 13:18 by Simon Crisp

Share on

A new survey has concluded that UK workers are leaving their employers open to cyber attacks and malware infection because they use computing equipment provided by the company to carry out online shopping and access social networking sites.

The report compiled by ISACA has found that close to 50 per cent of all people employed in the UK have used sites like Facebook on their PCs and mobile devices which are linked to their firm's network.

In the run up to Christmas the people attempting to carry out safe shopping online while at work will spend an average of six hours looking out for bargains and bagging Christmas goodies, rather than getting on with the job in hand. Twenty-five per cent of those questioned said they would go further and probably take up a cumulative total of nine hours of their working day partaking of this activity.

There are fears among the experts that cybercriminals will take advantage of this influx of shoppers using work computers to create targeted spam campaigns and phishing sites, which will allow them to penetrate corporate networks with spyware and steal valuable data from employees and their employers.

ISACA analyst, John Prionti, said that if malware gets into a business network it can cost tens of thousands of pounds to eradicate and leave data exposed which can, in turn, lose the firm custom.

Fifty per cent of respondents to the survey said that they would also be harnessing m-commerce tools to shop online using smartphones supplied by their employer.

Because most smartphones are used outside of the secure wireless networks used within businesses, there are fears that those seeking safe shopping online while on the commute or at home, could create even more ways for cybercriminals to infiltrate corporations.

Education is seen as the best way to overcome these issues and experts urge businesses to train staff without limiting their usage of corporate devices.