Half of Firms May Ban Personal Devices Over AV Risks

More than half of enterprises are considering banning personal devices from the workplace due to rising concerns over security threats associated with employee-owned technology.

Research from Kinly's Trusted Connections 2025 report indicates that 52% of enterprises could prohibit the use of personal devices for work purposes in response to the spread of so-called 'Shadow AV'—the unchecked use of personal webcams, tablets, and headsets by employees for professional activities.

The report, based on a survey of 425 enterprise AV professionals across the UK, Germany, the Nordics, and the Netherlands, highlights that 49% of businesses already experience issues stemming from the use of personal audio-visual technologies within their organisations.

Hybrid work practices have intensified these challenges. According to the survey, three in five businesses (57%) state that it is now more difficult to secure devices used outside the office than those in a traditional workplace setting. Additionally, 46% believe that employee' use of personal technology is actively undermining their remote work strategies.

The findings also reveal that in 27% of cases, employee-owned devices are impeding organisations from meeting their business objectives, and in some instances, exposing them to significant cyber risks. The risks encountered include potential ransomware attacks, breaches of the General Data Protection Regulation (GDPR), and possible non-compliance with regulations such as NIS2.

Basic security measures prove harder to implement when employees use their own devices at home. While 77% of enterprises confirm that in-office AV equipment is protected using strong encryption, this figure drops to 66% for setups that involve remote or personally owned equipment.

With the escalation of these risks, 30% of organisations have now identified securing personal devices and home-based AV as a top priority for 2025.

Despite increased awareness of potential threats, the report suggests that many organisations are not yet integrating AV technology as a core part of their broader security strategy. Although 79% of professionals surveyed believe AV tech is crucial to protecting the modern digital workplace, less than half (46%) say their companies formally recognise its role in security policies.

"Unsecured personal devices are the digital equivalent of leaving your front door wide open and hoping no one walks in. They're unmanaged, unmonitored, and opening up serious threats - from ransomware attacks to regulatory fines. If you're not treating all devices, as part of your security perimeter, you've already lost control," Don Gibson, Chief Information Security Officer at Kinly, commented.

Gibson emphasised the importance of visibility and control if companies choose to permit the use of personal devices on their corporate networks.

"If businesses must allow personal devices on the network, the priorities should be visibility and control. That means enforcing role-based access, mandating encrypted collaboration tools, and providing regular employee training. IT teams should be able to securely onboard personal devices by enforcing compliance requirements and enforcing clear user accountability before granting access to internal systems. Striking the right balance means evaluating risk against reward, because what works for one company, team or region won't necessarily suit another," Gibson added.

The Trusted Connections 2025 report outlines that organisations are re-examining their technology policies and approaches to safeguarding the workplace as hybrid work becomes more widespread.