Leaked employee passwords open up Fortune 500 companies to hackers

Leaked employee passwords


It’s one thing when your iCloud account with personal photos gets hacked. It’s another when your Fortune 500 company has a data breach because your office credentials were leaked online.

At 221 of the Fortune 500 companies, Fortune magazine’s list of the the top 500 U.S. public corporations ranked by gross revenue, employees’ credentials are posted publicly online for hackers to steal and reuse in cyberattacks, according to new research from the web intelligence firm Recorded Future.

Corporations, especially highly sensitive targets like Fortune 500 companies, spend a great deal on securing their networks against hackers, but that could be for naught if an employee carelessly uses his office credentials to sign up for, say, a gaming forum.

The sensitive information can be found on forums and text repositories like Pastebin, which are fertile ground for username and password dumps. Researchers at Recorded Future scoured approximately 600,000 websites for credentials posted between Jan. 1 and Oct. 8, 2014. During their analysis, they found at least one username/password combination at 44% of the Fortune 500 companies, leaving those companies vulnerable to hackers who could use the data to break into networks or mount phishing and social engineering attacks, Recorded Future CEO and cofounder Christopher Ahlberg told Mashable.

These credential dumps are outside the companies’ control, Ahlberg said. The data likely come from third party sites — not from breaches of companies’ servers — where an employee used a corporate email to sign up for something. In the past few years, for example, hackers have breached websites and services like Adobe and Forbes.

One caveat is that there is no way to know whether the password used on a third-party site matches the employee’s password used on his corporate account. In other words, Fortune 500 employees’ information may be posted online — but it doesn’t necessarily that information will lead to a successful compromise.

“It’s a coin flip whether or not these credentials taken from third party sites are valid,” Scott Donnelly, the lead researcher on the report, told Mashable. “But when there’s 10 or 20 from a particular company, then odds are you’ve got one that’s valid.”

Below, the breakdown of the 221 companies listed in the report:

Leaked employee passwords open up Fortune 500 companies to hackers


But having an employee’s username and password isn’t necessarily enough — hackers need to know where to use them. In some cases, Recorded Future also found that the webmail login pages of some utility companies are easily searchable on Google, which makes those companies even more vulnerable if an employee’s credentials are compromised.

The report doesn’t name names — either of companies or individuals — and Recorded Future has not notified any of the companies yet, according to Ahlberg and Donnelly. The goal of their research, they said, is to show that big companies are not immune to huge password leaks.

We’ve seen evidence of that lately.

Two weeks ago, a hacker claimed to have dumped 7 million Dropbox usernames and credentials. In a separate instance in early September, 5 million usernames and passwords appeared on a Russian forum (that information likely came from various earlier hacks, though). And in August, a security firm claimed to have found $1.2 billion credentials stolen by Russian hackers, though the firm’s report has been contested.

The issue with these dumps, even when they don’t involve services like Gmail or Dropbox, is the same: the danger of password reuse. If you always reuse the same password, a hacker doesn’t need to breach Google to obtain your Gmail password; instead, he can get it from your Fantasy Football forum. That’s why Facebook announced last week that it has been actively scouring sites that host dumped credentials to notify users if their password had been compromised.

Ahlberg and Donnelly warn that even more companies have probably been compromised, but those employees’ credentials have not been posted publicly.

“We have a pretty good coverage of the underbelly of the web, but these are just the public posts,” Donnelly said. “We’re highlighting how easy it is for somebody to just open the door and exploit a company because the information is sitting out there. But most certainly, there’s information that’s yet to be published.”

SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity


If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.



Reference: http://mashable.com/

10 Personal Things Employees Do at Work

Ebenezer Scrooge wasn’t the first employer in history to berate an employee for conducting personal business on company time. And he probably won’t be the last. But personal tasks that may have once been considered taboo are now acceptable practices at work today, says a new study.

Forty-eight percent of bosses in the U.S. don’t mind when employees take longer lunches and are OK with staff getting together to enjoy office banter and to take regular breaks, according to a study of 1,000 U.S., British, German, French and Irish employees and employers sponsored by Mozy, a data protection and backup services provider.

On average, 37% of countries surveyed allow employees to take longer lunch breaks. This new latitude toward employee time management is less a new measure of employer largesse than it is an acknowledgement of how the adoption of mobile technology has made work become “a thing that you do” rather than “a place that you go,” Mozy says.

Employees have been quick to take advantage of this freedom. More than half of employees think nothing of leaving work early for a doctor’s appointment, with nearly one in five eating breakfast at the desk or taking time out to research vacations or shopping.

The study found that these were the top 10 personal tasks that employees felt it was OK to do at work:

  1. Leaving early for the doctor or dentist
  2. Personal phone calls
  3. Regular tea/coffee/watercooler breaks
  4. Chatting with colleagues
  5. Sending a few personal emails
  6. Taking a long lunch
  7. Online banking
  8. Leaving work early for a child’s performance at school
  9. Paying a few bills
  10. Listening to music


SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity


If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.



Reference: http://mashable.com/

How to Monitor Your Employees’ PCs Without Going Too Far

Do you know what your employees are doing on the Web? At a minimum, they’re probably goofing off watching YouTube videos. At worst, they could be steering your company toward financial ruin. In this quick guide, I’ll show you how to keep an eye on employee Internet use and monitor just about everything else they do with their PCs.

I can already hear the groans of disgruntled readers as I type these words (and if you’re worried about privacy at work, you have ways to stop your boss from spying on you). But gone are the days when PC monitoring was an optional, draconian security measure practiced only by especially vigilant organizations. Today, more than three-quarters of U.S. companies monitor employee Internet use. If your business is in the remaining quarter that doesn’t do so, you’re probably overdue for a policy change.

Why You Should Monitor

Everything your team does on company time–and on company resources–matters. Time spent on frivolous Websites can seriously hamper productivity, and visiting objectionable sites on company PCs can subject your business to serious legal risks, including costly harassment suits from staffers who may be exposed to offensive content.

take real time screen snapshot

 SurveilStar can give you a real-time look at employees’ screens.

Other consequences may be far worse than mere productivity loss or a little legal hot water. Either unintentionally or maliciously, employees can reveal proprietary information, jeopardizing business strategy, customer co
nfidentiality, data integrity, and more.

And, of course, unchecked Web activity can expose your network and systems to dangers from malware and other intrusions. Even something as simple as a worker’s failure to keep up with Windows patches can be a threat to your business, so don’t think of monitoring as merely snooping.

Monitoring Software

Employee monitoring is just one facet of a larger discipline known as endpoint security, which includes everything from malware protection to policy enforcement and asset tracking. Large enterprise computing environments demand comprehensive endpoint-security systems, consisting of server software coupled with client software on each user’s machine, that can handle many of these functions at once. These systems tend to be complex enough to require the expertise of a trained IT pro. But in this guide, I’ll be looking primarily at simpler tools designed for smaller organizations.

For a small business, you have several good ways to achieve endpoint security. You can install a Web-hosted system that combines software on the PC with remote monitoring services to protect your computers and enforce compliance with company policies. You can combine a few complementary tools, such as a desktop security suite and professional tracking software. Or, if your company is very small and your budget is tight, you can adopt free tools à la carte.

The most secure way to monitor PC use is to deploy a system that consists of a host, server, or appliance together with client-installed software. Unless you have a dedicated IT staff or the budget to bring someone in on a regular basis to check on things, such as SurveilStarSymantec.cloud or Trend Micro Worry-Free Business Security–is probably the best choice. These services are relatively inexpensive and easy to set up compared with server offerings, and they give you the flexibility to set and monitor compliance with acceptable-use policies from a single management interface. They also deploy system security updates automatically, block malware, and protect sensitive files to prevent data from leaking out of your company.

The cost for a hosted endpoint-security service is generally very low: A five-client license for Trend Micro Worry-Free will set you back less than $300 for two years.

If you’re not up for a total security overhaul and you just want to track user activity on a few systems, you have several affordable ways to go about it. Packages such asInterguard Sonar can monitor all e-mail and IM sessions, track and filter Web usage, log users’ keystrokes and program use, and capture screenshots on command for as little as $87 per user.

If you’re really on a shoestring budget, plenty of free and open-source tools can log PC and Web use. A freebie called ActivTrak, for instance, can keep tabs on which applications your staffers are using and which sites they’re visiting, complete with simple reports that give you a pretty clear idea as to how employees are spending their time on their PCs. A word of caution on stand-alone tools, though: Some antimalware utilities can quickly identify and disable stand-alone monitoring tools, so you may need to create an exception in your malware protection settings to ensure that ActivTrak can work properly on your systems.

Best Practices

It should go without saying that employee monitoring ought to be just one small component in a comprehensive strategy to protect your business and maintain productivity. Once you’ve made the choice to monitor, you should follow these general guidelines to ensure your success.

Be forthright: Nobody likes being spied on unwittingly. Unless you think someone on your team poses a serious threat that requires covert monitoring, it’s best to be up front with staffers about what you track and why. Many companies accomplish this with a simple statement in the employee handbook telling workers plainly that everything they do on company computers can and will be tracked. Letting employees know that their behavior is being monitored can serve as a powerful deterrent against unwanted online activity.

Filter proactively: Most good endpoint-security tools include Web and e-mail content filters that can block inappropriate sites and prevent users from sending or receiving files that can jeopardize your business. Use them. By limiting the ways your staffers can get into trouble, you can prevent problems up front.

Check reports regularly: There’s little point in generating usage reports if you’re not going to look at them. Take the time to at least spot-check the reports that your monitoring software generates so that you can identify potential problems early and take remedial action. Whatever you discover–whether it’s a time-wasting Website that everyone is watching this week or a single person who is addicted to solitaire–you can often fix problems with a simple e-mail that tells your team you know what’s up: “Just a reminder, people: Chatroulette is not an appropriate use of company time.”


SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Reference: http://www.pcworld.com/

Preventing, Monitoring and Identifying Abusive Behavior by Your Staff

The long-term care industry is vastly misunderstood and usually lumped together as one entity. Most suffer from the image that not only is your facility the place people go to die but that it is also a place where elders are abused. Actual statistics do not support the perception of rampant abuse; however, no abuse can be tolerated.

When it comes to the treatment of residents, nursing homes face the highest standards set by the federal government. F tags (nursing home standards used by CMS) specify that “the facility must develop and implement written policies and procedures that prohibit mistreatment, neglect, and abuse of residents and misappropriation of resident property.”

This article uses federal standards as benchmarks to strive for by any organization caring for the elderly and disabled.
Understand What Abuse Is

Abuse takes many forms not just physical. There is verbal abuse, sexual abuse, physical abuse, mental abuse and financial abuse among others. And beyond that there are certain conditions that arise in facilities that might be construed as abuse.

Falls – A resident’s fall may be unavoidable though sometimes staff’s inattention could cause it.

Improper Medication or Incorrect Dosage – The consequences of improper medication are sometimes fatal. Medication errors do occur. Most are mistakes but outside parties might skew it as abuse.

Neglect – A person enters a facility because he or she is incapable of performing at least some of the tasks necessary for daily living. If you fail to meet those needs, it can be construed as neglect.

So start with understanding what is obvious abuse and what could be construed as such.
Hire Right

Preventing abuse starts at the hiring process. Minimize the chance of hiring an abusive worker by following these steps.

Have written applications.
Conduct personal interviews.
Check references.
Conduct background checks of criminal records.
Check dependent adult abuse registries with your state Department of Health and Human Services.
Check motor vehicle records, sex offender registries and professional disciplinary board records.
Conduct alcohol and drug testing.

There are intangible parts of hiring that can help you understand how a prospect would fit from a cultural perspective – their compassion, values. You can start to understand these attributes by asking the right questions.
Care Plans and Environment

Fix features of the physical environment that may make abuse and/or neglect more likely to occur, such as secluded areas of the facility.
Assess and develop care plans for residents with behaviors, which might lead to conflict or neglect, such as residents with a history of aggressive behaviors; residents who enter other residents’ rooms.

Identifying Abusive Behavior

Here are some things that could signal elder abuse in a facility.

Unexplained signs of injury such as bruises, welts, scars, bedsores, abrasions, burns
Unexplained weight change
Poor personal grooming


Threatening, belittling, or controlling caregiver behavior
Withdrawal from activities
Unusual behavioral changes
Staff preventing family from being alone with loved one


Bruises around breasts or genitals
Unexplained venereal disease or genital infections


Sudden change in finances and accounts
Altered wills and trusts
Unusual bank withdrawals
Items or cash missing

Monitoring Behavior – Communication with Family / Ombudsman Key

Employees cannot be monitored 24-7. Other staff, families and visitors, the president of the resident’s council and a facilities ombudsman all play a role in monitoring. (While the ombudsman and resident council president are typical positions encountered in skilled nursing and assisted living facilities, independent living facilities may not have these in place. At the very least a resident council should be established. The president of that council is often the first place residents go when they have a concern.)

Savvy families are also demanding technology solutions such as webcams in the resident’s room. Be aware of these but be careful how far you go so as to avoid a perception that “big brother” is always watching.

Establish an ongoing relationship with the audiences above and encourage open and transparent communication. Provide residents, families and staff information on how and to whom they may report grievances without the fear of retribution; and provide feedback regarding the concerns that have been expressed.
Supervise staff to identify inappropriate behaviors, such as using derogatory language, rough handling, ignoring residents while giving care, directing residents who need toileting assistance to urinate or defecate in their beds.
There are numerous technology solutions to facilitate communication with client contacts. Consider ways to consistently communicate with families.
Visit your residents on an ongoing basis. Have other members of your team do the same.

Preventing Abuse

Assuming you have hired the right staff and have on-going monitoring in place, it is important to establish a culture that promotes client respect and dignity and one that has zero tolerance for abuse.

Empower your employees (think Neiman Marcus) to be able to make and act on decisions for the well being of the resident. That does not mean having a checklist of what good customer service means. It does mean setting the context for employees (how would you like your mother to be treated for example) and let them figure it out.
Develop ongoing training programs for employees. In addition to enlisting workers’ support in identifying abuse by others, training can further reduce the likelihood that workers, themselves, will engage in abusive or negligent conduct. Training can further raise workers’ morale and help to eliminate negative public perceptions and stigma that have been created by media attention to abuse by helpers.
Burnout, frustration and stress of your employees can lead to abusive behaviors. Be alert and mindful of staffing patterns, workload as well as personal issues that may affect employee behaviors.

Abuse is a serious issue. If you hire right, monitor and cultivate a culture that does not tolerate abuse you will be well on your way to growing your business and debunking many of the myths associated with elder care facilities.
Article Source- http://assistedliving.about.com/od/hiringstaffing/a/Preventing-Monitoring-And-Identifying-Abusive-Behavior-By-Your-Staff.htm

Employee Monitoring: It’s Not Paranoia—You Really Are Being Watched!

It’s possible that someone has been reading your e-mails, listening to your phone calls, and tracking your Internet use. No, it’s not a foreign spy. It’s not even your ex—it’s your employer. And she doesn’t even need to tell you she’s doing it.

Employers can legally monitor their workers however they want. They can log and review all computer activity as long as they own the machines. The most popular method of keeping tabs on employees is to track Internet use: A whopping 66 percent of companies monitor employee Internet activity, according to a survey released in February by the American Management Association and the ePolicy Institute. What are they looking for? Frequent visits to sexually explicit sites, game sites, and social-networking sites like Facebook on company time. Almost a third of those who said they monitor their employees have fired someone for inappropriate Web surfing.

Some companies monitor employees—tracking keystrokes, reviewing computer files, and reading e-mail—to ensure they’re staying loyal. Press leaks of confidential information and trade secrets are of legitimate concern to employers, and many will go to great lengths to make sure that their employees aren’t using company computers to pass on information to outside sources.

How They Do It

Most employers who monitor their workers use software loaded directly onto the workstations. Some applications, such as Websense Enterprise 5.1, are meant to monitor the Internet traffic of entire enterprises. There is no shortage of such software available for purchase by both companies and individuals. Programs like Spector Pro can keep detailed logs of keystrokes and SMTP and POP sessions, screenshots, instant messages, and URLs visited on individual computers. Spector can also be programmed to inform users at start-up that their computers are being monitored—a handy tool that can keep an employer in the legal clear.

Employee monitoring is, for the most part, completely legal. Only two states—Delaware and Connecticut—require employers to notify employees of monitoring. But most employers do (and should) make a point of alerting employees to surveillance, in order to avoid the fuzzy legal and ethical boundaries surrounding electronic privacy in the workplace. Of those surveyed who monitor their employees, 83 percent said they inform them that they’re doing it.

But not every company informs employees of its actions when it should, which can lead to serious trouble. Case in point: Hewlett-Packard. In 2006, HP hired private investigators to help find the source of information leaks. They used slimy—but legal—tactics such as digging through trash, sending fake e-mails loaded with hidden tracking software, and tailing journalists who were communicating with HP employees. They crossed the legal line when they used pretexting, or posing as someone else in order to get phone records. The chairman of HP and half a dozen board members resigned or were fired as a result, and the entire debacle shed new light on the possibilities of employee monitoring in the digital age.

E-mail monitoring can be particularly tricky. Employers can look through old e-mail, but monitoring e-mails in real time as they come in and out is still a gray legal area. An employer may intercept communications where there is actual or implied employee consent. Implied consent has been found where the employer simply gave notice of the monitoring. The only area that is definitely off-limits is employees’ personal laptops and hard drives.

How Do You Know?

If you’re using a company-owned computer, it’s probably a good idea to assume your activity is being monitored. And unless you’re using encrypted e-mail, you should try to avoid using your work e-mail address for personal correspondence. If that’s not realistic, then a good rule of thumb is to read every e-mail before you send it, and think about how your boss might react if he or she were reading it.

In most cases you can detect monitoring software the same way as other spyware. Any application firewall, such as Norton or McAfee, should be able to find unauthorized applications on your computer. Of course, in the case of monitoring by your employer, it’s likely that IT installed the monitoring app and has therefore set up rules to allow the application to work with your firewall while remaining invisible in the background.

Some antispyware programs can detect and even remove keyloggers. If you install a program like CounterSpy V2, you’ll probably be able to figure out whether you’re being monitored. Check our full roundup of the best antispyware applications for more ideas.

If a spyware scan isn’t revealing anything and you’re still apprehensive, you can check for any suspicious processes that are running. It’s hard to weed out the normal processes from the foreign ones, however, unless the invasive program creates an obvious folder or process (YouAreBeingWatched.exe). And some monitoring software, like Elite Keylogger, uses rootkit techniques, so you can’t even see its processes or files. Hit Ctrl-Alt-Delete and go to the Task Manager to see a list of processes running on your workstation. You may get lucky if you’re really familiar with your computer’s processes, or if the program really does use an obvious name (some programs do).

Of course, the easiest way to find out whether you’re being monitored is just to ask your employers. Ethical considerations will most likely push them to tell you the truth, and they probably know that if they lie it could be grounds for legal trouble later on. The responsible employer should create an Acceptable Use Policy to make what is appropriate in the workplace completely clear. But if you think you’re being watched (and you’re pretty sure it’s not the CIA or your ex), try a standard spyware detection program or monitor your computer’s processes.

If you do find you’re being monitored, depending on the circumstances, you might be able to take legal action against your employer. The only legal limit on workplace surveillance comes in the form of the ECPA (the Electronic Communications Privacy Act, passed in 1986), which prohibits employers from deliberately eavesdropping on personal conversations. The ECPA does not protect any kind of communication except the spoken word, though, so your every action while at work, including personal e-mails, is most likely subject to review by your employer. You might not be able to take your employer to court for watching you at work, but at least you’ll know to quit spending so much time playing Scrabulous on the company dime.
Article Source- http://www.pcmag.com/article2/0,2817,2308363,00.asp

Stop Your Boss From Spying on You

Privacy may be dead, but that doesn’t mean you have to enjoy having your every electronic move tracked by your nosy manager. If you use a company-supplied PC on a corporate network, and you carry around a company smartphone, you’re almost certainly being watched. But with a bit of forethought and some of your own gear, you can enjoy a little digital liberty in the workplace.

At this point, there’s little debate about whether companies have a right to monitor employees’ activities on corporate PCs and networks. If they supply it, they have a responsibility to monitor it. So unless your company is either deeply clueless or naively altruistic, your Web surfing, your instant messages, your running applications, and even your keyboard keystrokes are probably being recorded. And if your boss was generous enough to issue you a smartphone, chances are good that your SMS messages, and possibly even your daily travels, are being tracked as well.
PC Monitoring

In corporate-security speak, the software that monitors what’s happening on your PC falls under the general heading of endpoint security. The term refers to everything that goes on between you and your machine, from how you use your computer to the way the software on it works to the physical location of the system. Your IT department needs to know what’s up with your PC (and you) to make sure the computer doesn’t fall prey to malware, putting company data at risk and potentially harming the business.

Any company with a reasonable IT budget will almost certainly have installed a comprehensive security package from a company such as McAfee, Symantec, or Trend Micro. These suites handle everything from antivirus protection and system update management to corporate policy enforcement, and that last task generally includes keeping logs on which apps you launch, which Websites you visit, and so on. To make matters worse for a privacy-minded employee, a typical endpoint-security suite is tightly integrated not only into the PC’s operating system (with permissions restricted to keep you from meddling with it) but also into the data center, where a server (or possibly a remote host) checks on the PC frequently to make sure everything is okay.

Unless your IT department is using some rinky-dink freeware to monitor you and chronically neglects to check it, disabling the monitoring features on your endpoint-security installation isn’t really an option. Even if you were to succeed, the server-side administration tools would throw a red flag once your system stopped reporting in.

The best way to get around PC monitoring software is to sidestep it entirely by using a PC that only you control. In other words, bring your own laptop. If your boss asks why you’re not using the one Big Brother issued you, say that the keyboard makes your wrists hurt. The mere suggestion of a potential OSHA case may be enough to send your boss ambling down the hall in search of someone else to dump their passive-aggression on. (Just try to steer the conversation away from any suggestion that you hand the machine over to the IT department for any reason.)

Once the boss is out of your hair, install a few sneaky utilities to help you goof off on your PC without getting caught.

Apple iPad 2
If bringing a whole separate PC to work seems over the top to you, take the simpler route: Internet-connected tablets like the iPad or the Motorola Xoom are ideal for stealthy surfing, and they’re unlikely to raise the boss’s eyebrows. In fact, they might even create the impression that you’re ultraproductive, showing the whole office that you take your work seriously enough to bring your own hardware. (Note: Playing Angry Birds on your tablet in front of coworkers all day will likely undermine that impression.)

Or just use your smartphone. (Provided it isn’t a company-issued handset, that is. More on this topic later.)
Network Monitoring

Your work PC is only the first link in a chain of surveillance that extends from your keyboard to basically every other piece of equipment on the corporate network. In some offices, even the copy machine keeps tabs on you. At the very least, all of your network use is likely being logged somewhere. To avoid having your browsing tracked, you need to get off that network.

Thanks to the proliferation of 3G and 4G data services, it has never been easier to enjoy a little semiprivate (nothing is totally private) Web surfing from the office. This development will likely prove to be terrible news for employers, but it’s great for lazy workers who like to goof around on the job.

Overdrive and MiFiThe Sierra Wireless Overdrive (left) and Novatel Wireless MiFi are two great options for surfing the Web without using your company’s network.
You have several good choices for bringing a mobile broadband connection to your PC. You can buy a computer with mobile broadband built in. You can use a USB dongle. You can use a wireless tethering device such as the Novatel Wireless MiFi or the Sierra Wireless Overdrive. Or you can just tether to your personal smartphone. Depending on which option you choose and how much data you plan to eat up, these services will typically set you back between $25 and $80 per month.

If you decide to go the smartphone-tethering route, be sure to keep your phone charging on your desk the whole time. An hour of data tethering will easily blow through your phone’s battery.

Should the expense of your own mobile data service seem unreasonable for the privilege of escaping your boss’s watchful eye, at least take one simple precaution when using your own machine on the company Wi-Fi network: Give your computer an anonymous name.

If you accept the default account settings when you set up your PC, your computer will likely announce you by name whenever you connect to the network, presenting itself as, say, “Dan Thompson’s PC” or similar. This name is usually visible not only to your company’s IT department but also to everyone else on the network–your coworkers, your boss, the woman in accounting, everyone.

Change the name of your PC to something innocuous and nondescript; heck, change it to a random string like 9873r54C. Then nobody will know what it is, and it’ll just blend in with the long list of devices on the network. And more important, if anyone ever does try looking into what it is, what it has been doing on the network, or where it came from, it won’t point so obviously to you.

Even if you’re out of the office, or if you work remotely, your Web activity can still be tracked whenever you connect to the company’s virtual private network. The solution here is simple: Disconnect from the VPN whenever you’re not using it, and stick to work tasks while you are connected. This is good practice anyway, since you have no solid reason to stay connected to the VPN when you don’t need it.

If your company issued you a smartphone, don’t assume that anything you do with it is private. Tracking everything from calls and text messages to apps installed is a trivial task for your IT department, and with mobile security gathering increasing attention of late, chances are good that your device’s network activity is at least showing up in a log somewhere.

Even if you’re not a total slacker, it can be a good practice to carry your own smartphone for personal use. Besides, doing so will give you the advantage of having an untracked device and network connection as mentioned earlier.

In the grand scheme, of course, there’s no such thing as online privacy. And although I know it’s none of my business what you do with your time at work, it actually is–both literally and legally speaking–your boss’s business. So don’t blame the company for wanting to track your computer use. With that said, however, I don’t blame you for wanting to loosen the leash a little from time to time. Just use your best judgment, and don’t get yourself into trouble.

Article Source: http://www.pcworld.com/article/222710/stop_your_boss_from_spying.html