A recent Kaspersky survey entitled “Cybersecurity in the workplace: Employee knowledge and behaviour”, showed that professionals surveyed in South Africa, use multiple devices for work: along with a computer, 44,8% of local respondents also use a mobile phone, and 22,3% use a tablet as well. At the same time only 68,3% of respondents acknowledged having cybersecurity protection solutions installed on all devices that they use to access business information, and 9,8% of those surveyed don’t know if their devices are protected or not.
In today’s interconnected digital landscape, securing all devices used to access business data is essential to protect sensitive information and maintain operational integrity. Devices that lack essential protection can be exploited by cyber attackers to gain unauthorised access, steal data, deploy ransomware, or disrupt business operations.
Within the past 12 months, 33,3% of respondents in South Africa admitted to using their work devices for personal purposes (watching movies/ YouTube, playing games, shopping, holiday bookings, etc.), 20,5% connected work devices to public Wi-Fi networks, 5,5% lost their devices and 5,8% had their devices stolen. These figures underline the need for a cyber hygiene mindset and security solutions for all endpoints, as each of them present cybersecurity risks to a business.
Personal use of work devices can lead to the installation of unauthorised apps or exposure to malicious websites, increasing the chance of malware infections or data leaks. Connecting to public Wi-Fi networks, which are often unencrypted and poorly secured, can allow cybercriminals to intercept sensitive business data or inject harmful software, so it should be secured with a VPN. Additionally, if a device is lost or stolen and lacks proper security controls – like strong passwords, encryption, or remote wipe capabilities – critical business information could fall into the wrong hands.
“With the increasing reliance on cloud services, remote work, and mobile access, businesses need to implement comprehensive security measures. Cyber hygiene – or simply said good IT habits, security policies and the use of robust security solutions are essential practices for protecting business systems. Security solutions should include endpoint protection for every device that accesses business information. Multi-factor authentication, regular software updates and backups are must haves now," says Brandon Muller, Technical Expert for the MEA region at Kaspersky.
To help organisations strengthen their defenses, Kaspersky recommends the following:
- Implement security policies for employees, from password and software installation policies to network segmentation and data encryption.
- Arrange regular employee education and cybersecurity training, where solutions like Kaspersky Automated Security Awareness Platform can help to develop practical cybersecurity skills.
- Implement robust endpoint and network protection and monitoring solutions, for example from the Kaspersky Next product line, that would suit businesses of all sizes.
*The survey was conducted by Toluna research agency at the request of Kaspersky in 2025. The study sample included 2800 online interviews with employees and business owners using computers for work in seven countries: Türkiye, South Africa, Kenya, Pakistan, Egypt, Saudi Arabia, and the UAE.
