Shadow IT Alert: Half of Home Workers Buy Potentially Insecure Kit

Incidents of shadow IT have snowballed during the pandemic as remote workers bought devices without vetting from the IT department, a new report from HP has warned.

The tech giant’s Out of Sight and Out of Mind report is based on a global survey of 1100 IT decision-makers and a separate poll of more than 8400 home workers in the US, the UK, Mexico, Germany, Australia, Canada, and Japan.

Nearly half (45%) said they’d bought IT equipment such as printers or PCs to support home working over the past year.

However, 68% said security wasn’t as big a consideration as other factors like price or functionality when purchasing. Even worse, 43% didn’t have their new laptop or PC checked or installed by IT, and 50% said the same of their new printer.

IT is also being bypassed when it comes to reporting incidents, the study found. Even though three-quarters (74%) of IT teams claimed to have seen a rise in the number of employees opening malicious phishing links or attachments in the past year, most (70%) home workers who clicked said they didn’t report it.

That will hurt IT’s attempts to understand the level of risk the business faces and where it needs to tweak policy or direct security resources.

The combined impact of these shadow IT challenges is already pronounced: 79% of IT leaders reported that rebuild rates for machines increased during the pandemic. This indicates PCs and laptops have been compromised by malware.