Join our panel during Black Hat 2024 – Blurred Lines: Investigating the Convergence of Internal and External Threats



Insider Risk Insights - DTEX Blog

The Gig is Up! And that’s Not All Good

The gig is up! And that’s not all good.

This is the time of year when everyone is looking for little extra cash to pay off a few holiday bills or a trip to a warm-weather locale. In today’s digital economy, the equivalent of working a part-time job is jumping into the gig economy. Even before the recent spate of layoffs pushed people to find alternative means of employment, as of August, the gig economy was up 31% over last year.

Our research has shown that unsanctioned use of third-party work on corporate devices was up by more than 200% in the past 12 months. To a certain extent, this makes sense. As we moved into a mostly hybrid work-from-home environment, people have felt more comfortable mixing company business with their other business. Where employees once had separate laptops for their home life versus their work life, when people are working from home, the distinction between which machine is to be used for work or play diminishes.

Some companies have policies that strictly forbid using business laptops for anything other than company business. But many don’t, hence the rise of shadow IT and third-party work on corporate machines. For the most part, these open companies believe their employees work hard enough and make smart enough decisions to keep their machines and, by extension, the company safe. By and large, this assumption is true.

However, there is always someone who bites the hand that feeds them. Sometimes, employees work on their side gigs while they are on the company clock. Again, in this new work-from-home world, the line of when people are or are not working has become blurred. Still, we found more than a few cases where it was crystal clear that an employee was not focused on their day job because they were working on a side gig.

We’ve also found something a little more ominous at play. Some employees use corporate IP, like applications or databases, for gig work that directly competes with their employer’s business. For example, one enterprising social marketer used their employer’s Adobe Creative Cloud application to provide services to a competitor during business hours.

What is a company to do to make sure the New Year is a good one? First, and as always, it’s important to have clear policies from HR about how corporate machines can be used. That seems obvious, but as we’ve seen from the examples above, people sometimes blindly ignore what is not advantageous to them.

We have found six unique flags that can help you identify remote workers who are using corporate devices for third-party work. In some cases, it may not be a big deal, like an employee who is running a rugby league on the corporate laptop of an engineering company that sells emulsifiers. In other cases, we may help you find employees who work a side gig on company time or, worse, engage in conflicts of interest. In either case, by understanding intent, you can take the appropriate action.

Contact us to book a demo or take a virtual tour to see how DTEX can help.