According to a Microsoft research report, eighty to ninety percent of successful ransomware attacks originate from unmanaged devices. Not a good advertisement for BYOD.

Annually Digital DefenseIn the report, Microsoft examines the most notable cybersecurity trends of the year. It’s no surprise that ransomware is once again a major issue. There is some disagreement among researchers about whether the number of ransomware attack attempts is increasing or decreasing. Microsoft belongs to the second camp and has seen an increase in attacks in which a human, not a machine, is at the wheel (+ 200%). Of particular concern are organizations with fewer than 500 employees.

According to Microsoft, unmanaged devices play a large role in successful ransomware attacks: In eighty to even ninety percent of successful breaches, a personal device opened the door to the network. Opponents of the BYOD principle (Bring your own device) would love to hear it.

Management and security are the two biggest arguments against BYOD. IT administrators have significantly less freedom of movement on their own laptop, which is also used privately. This makes it much more difficult to provide adequate security on the laptop. As an employer, you should not rely too heavily on employees installing adequate security measures on their own devices.

Basic hygiene

Of course, ransomware isn’t the only thing companies have to worry about. In addition, phishing, password attacks, DDoS and the entire range of current cyber threats are discussed. All of these different types of attacks can be avoided by 99 percent with good “basic hygiene,” claims Microsoft. The report lists the five basic rules again:

1. Enable MFA for all your accounts
2. Implement a zero trust policy
3. Install sufficient detection and response tools on your devices
4. Keep the software up to date
5. Secure access to important company data

Communicating these rules to all your employees requires regular repetition and practice. Microsoft also believes that AI can be a useful tool in the fight against cybercrime, although artificial intelligence is also used by attackers. You can download the full report here.