Your privacy is important, and you need to take steps to protect it in the office environment. When you use office computers, phones or other gear, you shouldn’t expect privacy. And yet, so many still do. Here’s why it doesn’t make sense, and what you can actually do if you want to have an off the record conversation.
Title image by Microvector (Shutterstock).
Work Tech Is Not Your Tech
It’s tempting to think of that work-issued laptop or smartphone as “yours”, but it isn’t. Yes, you use them all the time, they come home with you, and you can even get your personal email on them. You surf the web when you’re travelling, and maybe even your kid uses your laptop. You’ve sent personal emails from your work address, or shared great stories and have a lot of files saved in the work chat room.
As handy as that is, don’t let that convenience lull you into a false sense of security (or privacy.) Of course, it’s not OK for your company to just deactivate your account, or scoop up your data without letting you back it up, but they will. At the end of the day, it sucks, but your company will assert ownership over all of it.
When I worked in IT, I saw this all the time. The worst were the days when someone was laid off and IT had to deactivate their account before they got to work, or snatch their computer and phone from their desk while they were in a meeting. For some people, their work laptop was the primary computer in their household, so everyone used it.
Every time I had to fix a problem, I had to work through a maze of games their kids installed, music they’d purchased and downloaded (whole iTunes libraries, gone), years’ worth of photos they’d saved, and other personal files and effects. It was heartbreaking to open that computer to see all that data, that I’d have to back up, but they will never be able to retrieve. It would be nice to think that your company would give you time to download your files or wrap up everything nicely if you’re laid off or let go, but the truth is that almost never happens.
This rule extends to software, too. Every time I see people raise their heads in alarm because they learn the chat program the company uses is being monitored or logged, or because their company email is being archived, I can’t help but shake my head. The information you save in any program your company owns or pays for you to use, the emails you send, the files you download on your work computer — they all consider them theirs, not yours. If you assume any of that information will be safe and never used against you, disabuse yourself of the notion now, while you can.
Your Company Has Reasons To Track Its Own Tools
Your employer probably has reasons for keeping tabs on the tools they give to their employees. Some of them are good: Legal issues demand your company archive emails and chats for some reasonable amount of time, just in case they’re subpoenaed. When an employee leaves or is let go, they likely make an image of the laptop as soon as they get it back. This makes sure they have a snapshot of all of the employee’s files and data — not in case you forgot something, but in case something comes up and your boss needs your files, or the company suspects you of wrongdoing and needs to look over your data.
The last security engineer I worked with monitored our company Exchange server for every time someone emailed private data (like credit card numbers) in the clear, unencrypted. In general, it’s all about protecting the company and its interests. Those things make sense.
However, there are other, awful reasons companies keep tabs on their employees too. There are still too many companies that use screen-scraping applications to watch what employees do. Other companies don’t block social media but do track their employees use of those sites. Too many companies still have the archaic belief that employees need constant oversight to be productive, or worse, that catching one slacker wasting company time and resources justifies demoralising and dehumanising everyone else who works for you — even after study after study says the inverse is true.
Just Avoid Work Tech and Tools
While you shouldn’t expect privacy at work, there’s no reason you can’t get a little if you need it. We’re not just talking about a quick chat with your spouse, either. If you want an off-the-record conversation with a coworker, or to chat with your colleagues about a manager without worrying about that manager seeing it, it’s not impossible. Here are a few ways to get some space:
- Embrace free, third-party tools for private chats: If your company is logging your chats, just have those private conversations on a different service, like Hangouts or WhatsApp. Essentially, take it out of the company-owned space. If your employer logs everything you do on your computer, take it to your personal smartphone, or consider a secure, encrypted chat program where you and your coworkers can really talk off the record, like Gliph, ChatStep or CryptoCat.
- Always use your personal email for off-topic messages: If you’re setting up your next job interview from your current company’s email account, don’t. Switch to your personal account, and avoid saving or using your personal email on your work computer if you’re worried about the company having it. Of course, even if you check your personal mail on your phone while connected to company Wi-Fi, your employer could still get a hold of your messages — but the point here is to make sure you don’t lose important messages when you quit (or if you’re let go.) If you really want your emails to be private, on or off your company computer, you’ll need to encrypt them.
- Back up personal data from your work computer regularly: If you can’t avoid performing tasks like downloading music on your work computer, or letting your kids use it from time to time, at least make sure you move all of your data off of it regularly. Don’t install something that will fight with your company’s backup tool of choice, but at least copy everything off to a USB drive periodically. If it’s allowed, you can use tools like Dropbox or OneDrive for this too, since you can roll your own “backup” account, save your data, then de-authorise your work computer if it’s taken from you. Include everything that’s important to you — contacts, downloads, files, emails, all of it. You don’t want to get stuck laid off without your contacts or any important additions to your portfolio. Make a point to do it every week or month.
- Communicate the old fashioned way: There’s a lot to be said for just getting up and talking to your coworkers when you need to vent, and taking it out of your team’s chat channel or email distribution list. Not only will it clear the air faster, your conversation is much more private , If you have to get away from the office, grab lunch or hit the bar after work and talk then. At least in that case there’s no paper trail behind you.
Whenever you’re stuck using a work-related service or application, and you want a little privacy, use something you own instead — or at least something the company doesn’t own. It’s no absolute guarantee of privacy, but it’s a heck of a lot better.
Savvy network and security engineers have ways around all of this stuff if it happens on their networks, and the absolute last thing you should do is spend time trying to outsmart your company’s IT department. Not only will you fail (they have the time, resources, and expertise to uncover whatever you’re trying to cover if they need to), you’ll waste a lot of time and energy on something you’re probably better off just keeping to yourself, not doing at all, or sharing the old fashioned way.
Bottom line? There are ways to go off the record if you have to at work, but don’t assume that your company, or the tools they give you to do your job, will support them. Take matters into your own hands if you have to, or better yet, don’t expect that kind of privacy at work at all. Save it for after hours, when you’re at home on your own gear, talking to your friends and coworkers privately.