10 Ways to Reboot Your Privacy at Work

When personal data is out there on the open web it can lead to privacy and security incidents at work that open you—and your company—up to risk. For cybersecurity awareness month, we’re offering tips on rebooting your privacy at work.

Video Meetings 

• Blur your backgrounds when on video calls. 
• Keep the microphone muted when not in use.
• Be wary of the information that others may see when you share your screen. Consider sharing a specific tab or application instead. Hide the bookmarks bar if exposed on open tabs.
• Follow Zoom (or your video conferencing platform of choice) meeting best practices. 

Smartphones 

• Avoid apps downloaded from third-party sources (neither Android nor Apple app stores).
• Screen existing apps to determine what they have access to and revoke permissions for any non-essential data access. [How-To: Apple; Android]
• Keep your phone password-protected with strong, unique passwords. 
• “MFA bombing or MFA fatigue” is a real thing. Don’t be tricked into accepting push notifications if they’re sent over and over.
• Where available, use hardware-based authenticators for important account MFA rather than SMS or email.
• Don’t ignore software updates. 
• Encrypt your device data and sensitive information. 
• Maintain a data backup plan. 

Email Safety 

• Avoid clicking links in emails. If your boss or a colleague emails you something that seems important, authenticate the sender or call or message them to verify. 
• Take your company’s phishing training seriously.
• When appropriate, use a masked email or dummy e-mail when an address is requested by vendors or services you don’t do business with. 
• Consider removing any non-essential PII (e.g. personal cell number, links to profiles) from your email signature lines.  You can always send contact cards to trusted business partners.

General Computer Safety 

• Use a camera cover when you are not on camera. 
• Don’t use your photo as your lock screen image; always lock your computer when walking away. 
• Use screen protectors when in public areas so onlookers can’t see your screen. 
• Keep your work laptop for work and your personal laptop for leisure. 
• Don’t share your work devices with family and friends. 
• Enable the find my device and the remote wipe features. 
• Password-protect any folders/files with confidential company files, or sensitive client data

Computer Software 

• Keep your operating system, antivirus, and other software updated to avoid giving cybercriminals easy access to your device through known vulnerabilities. 
• Don’t install tools or services without approval from your IT department. 
• Take advantage of the privacy and sharing settings in Google Docs and Microsoft 365. 

Passwords 

• Passwords should be strong and secure (read: don’t use easily findable personally identifiable information). Ideally, you should be using multi-factor authentication (MFA). 
• Use a reputable password manager to automatically create unique passwords and periodically update them. 
• Don’t share your passwords with family and friends, or store them in insecure content-searchable file formats (e.g. plain text/txt, PDF, CSV, HTML)

Internet 

• Use a VPN when working remotely, check with your IT department for their recommendations. 
• Make sure your home WiFi is strong and secure if you work remotely some or all of the time. 
• Make sure to use all available privacy features on your preferred browsers.
• Clear history and cookies on a regular basis.

LinkedIn 

• LinkedIn’s new job updates can leave you vulnerable to smishing (SMS-phishing) attacks.
• Remember that everything on LinkedIn is public domain.
• Never share personal information, even if it seems innocent.
• There are fraudulent users on LinkedIn, beware.

Hopefully, you’re doing most of these things to ensure your privacy at work. For more privacy tips, if you’re 100% working at home, you might want to check out this post: Operational Security And Remote Work: The Role of Employees and Their PII. Additionally, you can read our tips for rebooting your personal privacy online here.