For most of us, the day starts with the start-up of the computer. But scarcely anyone is convinced one wrong move with a computer might cost you your job or career. Sometimes the reason for a mistake is simple carelessness. Regardless of stringent security instructions signed by employees as part of the recruiting process, those are neither followed nor considered, never embracing the paramount impact of consequences the violation may have. So, what are these no-go use cases for work PC or laptop?
- Using USB sticks to transfer data. While transferring corporate data to a home computer and vice versa, using USB drive may look natural, but this seemingly legitimate manipulation is prone to causing serious problems. One might lose the drive containing corporate data (or, even worse, confidential data belonging to partners or clients) and get fired for that on the very next day. One may unintentionally infect all PCs in the office with a wayward virus, or worse, a virus targeted at stealing your company’s data intentionally. A great reference for such stories is Stuxnet, which leaked into Iranian production facilities on the USB drive.
- Chatting in social networks. When talking to anyone on social network sites, remember to mind the sensitivity of the data and information you are about to share: it may affect both you and your company. Hackers often use social networks to conduct early reconnaissance and initially penetrate organization’s network. That’s why you should be wary of people asking you for contacts/emails of other employees, sending your unexpected files or links, and so on.
- Another no-no is improper tone of voice when talking to clients or partners using social networks, i.e. publically. Damaging your employer’s reputation is bad and in the absolute majority of cases means a 100% dismissal with immediate effect. One carelessly slipped out phrase about a colleague or one frivolous photo from the office party may lead to spoiled relationship with co-workers and problems within family.
- Resending work documents via personal email. It may well be annoying when ‘servers are down’ and your urgent mail cannot wait, but using a gmail.com address for sending corporate mail may be a bad idea for various reasons. For instance, if compromised, your mail service data may end up in the hands of cybercriminals. The most recent example is the case of hacking Arkady Dvorkovich’s mailbox. Dvorkovich, the Russian government official, was using Gmail for some communications. This is also fair for the opposite situations: try to avoid using corporate mail for personal correspondence. It is unacceptable to register on third-party resources using corporate addresses for sign-in. This may affect company reputation.
- Sending encrypted personal information from the office computer might mean the end of your career pitch and, ultimately, the end of work in the employing company. A precautious security department may decide you share confidential data with outsiders, and, even in case it is not so, you may provoke concerned looks behind your back.
- Using unauthorized third-party software at work, especially on laptops. Whereas many large organizations avoid giving admin right to users, such mistakes are still widespread. Aside from malware threats, irrelevant software wastes company resources. Do not forget that your PC is monitored remotely, so security professionals needn’t come up to your desk to see what you are up to.
- Deliberate or accidental security policy violation, i.e. password disclosure. Do you think it is something to be proud of when you shout to your cubicle neighbor: “Mary, I am off for lunch, keep an eye on my mail in case a message from N comes through”? How vividly I remember some individuals who would yell over the entire bank open space: “What is the password? I forgot!” Sometimes it can cost one a career. Passwords are something to talk of for eternity. Some users write them on a Post-It note and stick to the monitor, more proficient users take advantage of the reverse side of the keyboard to ‘safely’ store the credentials, and the most advanced of them keep a password written on a piece of paper shuffled inside of the top right desk drawer. No idea why, but it is actually so! The only idea which is even worse, is storing passwords in the “My passwords” document on the desktop.
Can a simple USB drive ruin your #career? Yes, it can – as well as another 9 #security mistakes everyone makes.Tweet
- Downloading irrelevant content. Whereas it may seem just right in the era of high-bandwidth Internet to download music, movies and other multimedia content at home, people do not tend to follow this simple rule, even being aware of the fact their online activity at work is monitored. Alas! They still do it and then get disappointed when penalized.
- Mobile communications. Many types of mistakes and wrongdoings can be mentioned here, ranging from ‘confusing a corporate phone with a personal, exceeding the traffic limits’ to ‘just having wanted to chill and play a bit’. It is particularly applicable to Android-based smartphones. All aforementioned rules are 200% relevant to mobile devices as well. If you want to use the device for business and personal purposes simultaneously, ask your IT support to properly separate these areas on the smartphone. There are multiple BYOD solutions to do that.
- The last but not least: Everything you say (lest write!) online can and shall be used both to support and ruin your career.