In the security world, we’re always concerned about the concept of “Big Brother.”
This is code for a group that has your “best interests at heart” and monitors you “for your own good.” Note the air quotes. The concept of Big Brother was introduced in George Orwell’s dystopian novel, 1984, where an oppressive government regime utilizes surveillance to dominate its citizens’ lives and minds completely. This book voiced a rather well-founded fear and skepticism of government surveillance, but in this digital age, we may have been looking at the wrong organization.
Today, corporations like Facebook and Google are the real threats to your personal digital security, and unfortunately, many other corporations and employers around the world have started to follow suit. And if you think you’re immune to surveillance because you’re “loyal,” guess again, because there is a good chance that you’re being targeted. It’s projected that by the end of 2020, 80% of corporations will be monitoring their employees.
Why Are Our Employers Spying On Us?
Your first guess as to why employers are spying on their employees might be because they want to make sure they are getting their money’s worth. They want to prevent their employees from visiting sites like YouTube and wasting time on the company dime. That’s logical, but isn’t the primary reason.
Believe it or not, many companies are monitoring their employees’ activities on work devices not because they want to come down on time abuses, but because they want to improve their employee experience. In other words, it’s the same reason why Facebook and Google are constantly trying to get data from you. By gathering as much data as possible, they can measure employee happiness and contentment with their jobs.
Isn’t that just… wonderful. They care so much that they are willing to intrude on every single aspect of our private lives. That sounds more like “Big Nosey Parent” than “Big Brother.”
How Do They Do It?
When you have a work phone, computer, or other personal device, chances are that your employer has full access to it and every bit of data contained on it. That means that if you send a personal email from your work computer, they can more than likely read it.
This kind of mindset results in constant monitoring of communication programs ranging from your email to Slack. They can tell how long you are spending on these apps. Some companies (not all) have even started using biometrics to track their employees’ facial expressions through their webcam. If you are feeling a shiver go up your spine, you’re not the only one.
“OK,” you say, “No problem. I’ll just use my personal devices rather than my work devices.” But hang on! Does your personal iPhone connect to your work wifi? Does your work computer connect to your personal wifi? Depending on your employer’s privacy policies, they might have access to those as well.
What Can Be Done?
The very first thing you can do is closely review your employee manual to make sure that you know exactly how you are being monitored at work. If there are any “opt-ins” that give the company permission to monitor you, you should always “opt-out.” Actually, read the terms of services for your work devices that you bring outside of work (You know, that super-long document that most people skip past to click “Accept.”)
Make sure that the personal devices you bring into work are not connected to your work wifi and, preferably, aren’t wifi enabled at all. If you take work devices home with you, you should take some precautions with the audio and video access during off-work hours. For example, always cover the webcam of your work devices with a sticker when not on the job to block video access. Audio can be a bit trickier, especially if you don’t have access to the audio settings in the OS. Thankfully, you can block audio monitoring with a device like this. You should never connect your work devices to your home wifi, instead using a work-provided mifi or use your work phone as a mobile hotspot. Never reuse any of your personal usernames or passwords for your work-related accounts, as they could give someone access to your personal accounts if there is ever a data breach (or your employer starts to take advantage of nebulous areas in their terms of service).
Most importantly, you must educate yourself on your privacy rights in the workplace. You can learn more about that here and here.
If you want to always be up on the latest privacy and security news, we highly suggest you check out the ComSec blog and signup for free updates. And, if you would like more information about how you can protect yourself, we invite you to contact us today!
About the Author:
J.D. LeaSure, CCISM, is the President / CEO of ComSec LLC, a global provider of world class counterespionage and TSCM / Cyber TSCM™ services. www.ComSecLLc.com