More than half of the US population is now working from home because of the coronavirus pandemic, but many employees have not been given clear guidelines on how to handle sensitive data from home.

That’s according to research by IBM X-Force Red, the security division of the tech giant, which surveyed more than 2,000 Americans new to remote working.

Despite 42% responding that they regularly handled personally identifiable information, such as addresses and phone numbers, more than half of remote workers said they have not been given any clear guidance on how to process this data while working from home.

Further compounding the security risks, more than half of respondents reported that they were using their own personal device to conduct their work. Of those, 61% said their employer had not provided them with the right tools to secure their personal device.

Meanwhile, 45% said they had not been given any training for the new work from home set up.

Despite the lack of guidance and increased security risks from using a personal unsecured device, the overwhelming majority (93%) said they felt confident in their ability to keep personally identifiable information safe while working remotely.

Remote worker data handling: Guidelines lacking

Security experts have warned of the increased cybersecurity risks from remote working throughout the pandemic, with large workforces forced to move away from protected office networks at short notice.

The report, titled ‘IBM Security Work from Home Survey’, also found that 66% of surveyed remote workers had not been given new guidelines for managing company passwords, which could be why some 35% admitted to reusing passwords among business accounts.

“Organisations need to use a risk-based approach with work-from-home models, then reassess and build from the ground up,” said Charles Henderson, Global Partner and Head of IBM X-Force Red.

“Working from home is going to be a long-lasting reality within many organisations, and the security assumptions we once relied on in our traditional offices may not be enough as our workforce transitions to new, less controlled surroundings.”


Read more: Tips for scaling up VPNs to meet the remote working surge