When it comes to technology, the expectation of privacy is prevalent. However, when it comes to your workplace technology, that isn’t the case. Your work devices aren’t as private as you may think.
Although most businesses access your information only if they suspect you are not as productive as you should be, it’s safe to assume that you’re being monitored to some extent. With the help of employee monitoring software, employers can view every file you access, every website you browse and even every email you’ve sent.
Deleting a few files and clearing your browser history does not keep your work computer from revealing your internet activity. The tabs your employer may be keeping on you through your work devices go much further than that.
Here are seven ways your work computer is betraying your privacy.
“Many companies archive all emails indefinitely,” said Beth McIntire, cybersecurity manager at Truist. “Employees may not realize this. Organizations might search their mail archive for various reasons, such as discovery related to a court case. A government agency may conduct searches pursuant to a public records request by a newspaper. Emails unrelated to the request might come up in the search, including personal emails.”
“An employer can easily monitor and report on an employee’s internet usage, because all the outgoing network traffic flows through a router or firewall that provides that capability,” said Timothy Platt, senior technical trainer at Amazon Web Services. “For example, when you are on-site in the office, your computer is connected to the local area network [LAN]. For reasons of security, there is a device that sits between the company LAN and the public internet: a firewall. It allows network traffic to websites outbound, and carefully controls and limits inbound network access.”
“Most companies have an internet filter of some kind installed. These devices, such as Barracuda Web Filter appliance, can track all internet activity from every computer [or] device on the network, including your mobile phone that you connect to the office Wi-Fi,” said Peter Davis, owner of 311 Media.
“Many large IT providers, like IBM, offer affordable mobile management products, like MaaS360, that enable employers to strictly control portable devices. Employers can remotely erase lost employee devices used to access company information and install or remove software as well,” said Jeff Hoffman, founder of ACT Network Solutions. “Again, on company-owned devices, there’s not much argument, but employee mobile device usage policies can be used to enforce appropriate use policies and end-of-employment data removal policies on employee-owned devices as well.”
“This is critical because BYOD has become so pervasive in today’s business environment and mobile devices are so frequently stolen or lost. In cases like these, we can reach out and scrub information from those devices or immediately cut off access to company resources,” Hoffman added.
Editor’s note: Looking for an employee monitoring solution for your business? Fill out the questionnaire below to have our vendor partners contact you about your needs.
“Numerous applications exist for employers to install on employees’ computers that are essentially hacking programs. The vendors and employers consider them ethical hacking tools when used legally,” said Bob Herman, co-founder and president of IT Tropolis.
For example, these programs can often protect against a rogue employee emailing out a list of credit card or Social Security numbers,” Herman added. “These programs often upload activity in real time to a cloud console for review by the employer, and can include items like browsing history, screenshots taken every X minutes whenever an Excel or Word doc is open, keystrokes entered, and screenshots of emails when opened, just to name a few.”
Although remote workers are often more productive, some employers may assume that, when at home, employees are distracted or goofing off. Your employer may thus track your location and, by extension, activity.
“We have employees all over the world. Unfortunately, after a few negative experiences, we searched for a solution to track the actions our employees take while logged in during working hours,” said Brad M. Shaw, president and CEO of Dallas Web Design. “We now require all out-of-office staff to use TimeDoctor.com. We track screenshots, time per project, time per software used, webcam shots and metrics of productivity.”
“In the event of ‘low productivity,’ for example, an email is sent out to our team leader,” Shaw added. “Of course, the workers are acutely aware of the software, and our productivity has greatly increased since implementing it three months ago. Also, some workers are unwilling to use tracking software, and that is fine by me. I feel it helps to weed out unscrupulous workers.”
“Working from a server? We know every file you’ve pulled and put on the server, and when. There are many more ways, but clients always ask me, ‘Can my boss see what I’m doing?’ and the answer is always yes,” said Justin Esgar, CEO and president of Virtua Computers.
Your employer can likely track your emails, phone activity, location, productivity and even the words you type on work devices.
Employees might be surprised to learn how many businesses use monitoring software to track employees’ work computer activity. As an employee, do not use work devices for nonwork activities, such as checking social media or shopping online, and never share confidential information.
Here are six additional activities that should never happen on a work computer:
When it comes to a work laptop or computer, it is best to treat your work computer like a borrowed computer – which it is. Ask yourself if your employer would be satisfied with the content you’re browsing. If the answer is no, it’s not something you should do on your company’s time and equipment. Save it for your time outside work, using only your personal devices. That’s how you preserve your privacy.
Max Freedman and Andreas Rivera contributed to this article. Some source interviews were conducted for a previous version of this article.