Federal Manager's Daily Report

A survey by a cybersecurity firm, Lookout, has found that nearly 40 percent of federal employees willfully ignore or bend policies regarding use of personal mobile devices for work-related purposes, potentially putting agencies at higher security risk than management realizes.

The survey of 1,000 federal employees found that “mobile devices are extremely prevalent in federal agencies, even within those that purport to have policies prohibiting the use of them.”

ADVERTISEMENT

“Not only are federal employees using personal devices to access potentially sensitive government data, a significant number of them engage in behaviors that could put the device and, in turn, the data it contains or accesses at risk. . . . Nearly half of federal employees have no security app or solution installed on the mobile devices they use at or bring to work. Thirteen percent of them use these unsecured devices for reading or downloading work-related documents,” it said.

It said a quarter of federal employees send work documents to personal email accounts, half use their personal devices for work email and 17 percent store work-related documents on personal file sharing apps. Also, a quarter have downloaded apps from sites other than official app stores, leaving them more vulnerable to spyware and other malware.

It said two-fifths of employees “are willing to sacrifice are willing to sacrifice government security to use a personal mobile device at work despite being aware of cybersecurity concerns. Clearly, employee education is not enough. Fifty-eight percent of employees are aware of cybersecurity concerns or consequences that arise with using their personal mobile phones for work, yet 85 percent admit to using their personal device(s) for potentially risky activities like downloading or reading work-related documents or email, sending work documents to personal accounts, and storing work data on personal file sharing apps.”