What Not to Do on Your Work Computer

If you use a work-issued laptop or desktop computer, you’ve likely been tempted to check your personal email, store private files on the company’s Google Drive, or avoid work entirely by diving into a research rabbit hole that has absolutely nothing to do with your job. You probably shouldn’t do any of this on a computer provided by your employer.

Employers can install software to monitor what you do on your work-issued laptop or desktop. In the most watchful of workplaces, this may include keyloggers that can see everything you type or screenshot tools that track your productivity. What type of surveillance and security software is installed on your company computer is often based on two factors: how large the company is (and what resources it has to dedicate to this) and what type of information you deal with in your role. If you work with sensitive materials, such as health records, financial data, or government contracts, you can count on your employer keeping a careful eye on what you do.

For most of us, the fear of being heavily surveilled at work is unwarranted. Jesse Krembs, senior information security analyst at The New York Times, said, “Without supporting evidence, at scale this is pretty rare. It tends to generate a lot of useless data, rope the employer into liability issues, and generally make the team that monitors these surveillance systems miserable. That being said, almost all large companies have a targeted program for doing this, especially for dealing with suspected insider threat or fraud.”

Even if your every move isn’t being watched, it’s still best to assume your work computer is monitored and act accordingly. Here are some less obvious tasks you should be mindful of.

Every security expert I spoke with mentioned one no-no: storing personal files on an employer-issued phone or computer. If you’re fired, your laptop is usually the first thing it’ll take from you, and if your company ends up in a lawsuit, any files on your laptop or desktop are fair game. Tracy Maleeff, an information security analyst at The New York Times, pointed to security concerns as well: “From the employer’s perspective, it just adds to the threat model of potential infected documents.”

Isaac Blum, director of applications and system services at logistics real estate company Prologis, added that even if you feel like you have job security, you might not have data security, depending on the security tools your company uses. “Some of these tools, if they detect a breach, they’ll start wiping files,” Mr. Blum said. If your computer gets infected with malware, the security measures taken to try to get rid of problems might clear out your personal files, too.

Since it’s online and not software installed on our computers, it’s easy to think of G Suite, which includes services like Gmail, Google Docs, and Sheets, as private productivity software. But the Freedom of the Press Foundation notes several reasons you shouldn’t use a company-issued Google account to store your private data.

Administrative users with G Suite Enterprise can search for specific phrases in an employee’s emails and documents, just like you can in your own account. Employers can set up audits to be notified of suspicious behavior and create custom scripts for retaining data.

For example, an employer could establish a process by which your email drafts are saved even if they’re never sent. If you’ve ever considered drafting a resignation email calling your boss a jerk, do so elsewhere.

When you use employer-owned equipment, it’s good to remember you don’t have a right to privacy — but that doesn’t mean your employer shouldn’t also clearly state what kind of monitoring it does and how.

Ms. Grama noted that your employee handbook is a good place to look to find out what software may be running on your computer. “Probably anybody who works in H.R. will say that yes, this type of information must be in an employee handbook,” she said. “It’s a really good practice and would engender good feeling about your employer if you knew that type of monitoring was taking place.”

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Show Buttons
Hide Buttons