Personal Use of Professional IT Equipment
With work and life so closely intertwined, it is easy to mix up the two. Sometimes you find yourself using your work cell phone to answer a friend’s message, or book a flight ticket on your work laptop while dreaming of your next day off. These are all everyday activities that seem harmless on your work computer. But, there is a price to pay in the end if you stumble across the wrong website… and find yourself putting your company’s security at risk.
52.6 percent of respondents in a Malwarebytes survey reported using their work-assigned electronics to send or receive personal emails. 25 percent checked their social media. This was due to factors such as convenience and “breaking the monotony" of work-from-home routines.
A 2020 Malwarebytes survey found that 53% of employees reported sending or receiving personal email from their work devices.
Only 30 percent of respondents said they did not perform “any kind of personal activity on a work assigned device”.
Real-life Consequences
In the mid-to-late 90s, former CIA Director John Deutch took his government-issued computers home after leaving his position. At the time, it was not common to have personal computers, and he had already stored confidential financial information on his work computer.
It was found later that the same computer accessed “high-risk” adult sites. This incident was later called “a serious lapse in security” by CIA Director George Tenet. At the time of this investigation, there was no available technology to determine whether or not there was any true security breach caused by the activity, but it was enough to raise alarms for the department.
Technology Boundaries
In the internal CIA investigation, it was found that the time of access on the adult sites did not line up with the times Deutch may have been at home. Media outlets speculated that the culprit may have been another household member who was sharing Deutch’s computer.
Think about your own personal devices. It is fairly uncommon to share your device with your household members nowadays, as we each value our own privacy and maintenance of the device. If you were to lend your laptop to a family member, you would trust that they would not download illegitimate softwares or visit high-risk websites.
Now, put it in this perspective: your employer is lending you their computer for an extended period of time. Putting the device at risk could run some serious consequences, as business networks are likely to be a target for scams and hackers.
Wiping Off Your Personal Data
It takes more than a simple click of the “reset settings” button to truly erase any records of sensitive information on your laptop. The only way to truly do so permanently is to completely destroy the hardware. However, this leads to more company expenses when a replacement is needed.
Alternatively, you may have to hand in your device to the IT department, who will assist in wiping down hard drives. Depending on the amount of information though, and whether or not you’ve run into some malware, this can be a complicated process.
Assume You Are Always Being Monitored
The best way to keep your internet surfing in check? Keep in mind that there may be some sort of employer surveillance or future disclosure of the activity on your device. Instead of using your work desktop to open up Facebook, opt for your personal device instead.