Learn why it’s important to create boundaries.
In today’s tech environment, we all carry smart phones, tablets, laptops, and other devices which can be owned by our employer or ourselves or some combination of the two.
To confuse the line between business and personal even more, the majority of today’s workers do personal tasks at work and also regularly work from home. With all the blurred lines between business and personal IT devices and spaces, it’s important to keep security in mind and set proper guidelines with employees.
Here are three important divisions your employees should be making between personal and business IT spaces.
#1 – Don’t Share Passwords Between Business and Personal Accounts
Passwords are paramount to online security. Even though it’s difficult to keep track of multiple passwords, you should never use the same password for multiple accounts. Instead, use a password vault to keep them all safely in one place, locked by a single password which can be a lot more complicated and therefore less likely to be compromised.
When setting up company accounts, you should never use the same passwords that you use in your personal life. If a database containing your personal email and passwords is stolen, you’ll be prompted to change your password for that individual site. If you’ve used that password for other accounts, you will need to change it everywhere as all your accounts are in danger. This is even more important for your work accounts, as the data protected by those passwords is often personal client information or proprietary company information.
It’s important for employees to realize when their password gets compromised a lot can be at stake.
#2 – Don’t Use Personal Cloud Storage for Business and Vice-Versa
Using personal cloud storage in the work environment has become a hot topic over the past few years as its popularity has increased. Because of its ease of use, employees want to move files in and out of personal cloud storage accounts as they work from home or the office. While this seems like an efficient and harmless practice, personal cloud storage accounts have a higher tendency to be hacked. If your private company information or client information is sitting inside of your employee’s personal cloud account, you’ve just opened up a huge security issue for your company.
It’s also important that your employees are aware that any data put on a company device, such as an app for cloud storage (Google Drive or Box Sync) becomes property of the company (except in rare cases). This is typically agreed upon when the employee is initially hired. This means if an app for your cloud storage is installed on a work device (phone, tablet, lap top, etc.), whatever files it downloads become “property of the company” even though the employee would probably consider the files theirs.
#3 – Don’t Use Company Devices for Personal Reasons
The devices your company provides for your use are to get your job done, and beyond that, the company is not responsible. This means if you were to plug your camera in to pull the photos off and you decide just to keep them on your work computer and something were to happen to that computer, there’s no reason for your company to recover anything except company data.
This same idea also applies to phones. Your company provided smart phone usually has a “kill switch” available to IT which will wipe the device. This only gets used in extreme cases like the phone being lost, and presents a risk to the company and its clients. It’s that same reasoning that requires a device administrator to be added when setting up your corporate email on your phone. Part of the series of permissions you grant when adding your corporate email allows the email program to grant the same “kill switch” to your IT department in case your phone is lost or stolen.
Pro and Cons to Mixing Business and Personal IT
There are both pros and cons to mixing business and personal IT spaces. It’s important to evaluate what areas are most important to your company and where it makes sense to be flexible with your employees. Always, always, always keep focus on security of your business and client information. Then explain boundaries you’ve established and set proper expectations with your employees.