Why You Shouldn’t Mix Personal and Business Browsing

Unlocked Padlock
Using browser profiles is extremely useful. It allows you to sign in on multiple devices and get the same bookmarks, passwords, and history across your devices. BUT, you should never use the same profile for work that you use for your personal browsing, and for good reason.

Don’t Use Personal Browser Profiles At Work

Assume that on your work computer, your company can see everything that you do. That’s not always the case, but some IT departments do actively deploy monitoring software to see employee activity. Even if they don’t, your company has the right to see it and could ask you at any time, or even get IT to change your password to log in as you.

In another scenario, some businesses, when staff leave, rather than setting up new accounts for the replacement may simply change the name on the existing account. That means that your replacement would potentially have access to all your browsing history and saved passwords if you store them on your company device!

Don’t Mix Business and Personal Browsing From The Same Profile

Here’s a perfect example of why you should not mix up your work and personal browser profiles:

Unauthorized Access to Okta’s Support Case Management System: Root Cause and Remediation | Okta Security

Okta is a single sign-in tool that is used like a password manager and can sign you in to sites with one click. Very useful!

Unfortunately for them, one of their staff signed into their personal Google account in their browser and they then saved their Okta password in that account.

Hopefully all your business online accounts are protected by MFA which should be enforced, but that’s not the case with personal accounts which you need to set up yourself. Here the employee’s personal Google account was compromised and with it, all the employees personal passwords they had stored in their browser, including their administrative login to the Okta system. This gave the attacker access to their Okta account and with it, the accounts of the companies the employee managed.

The unauthorized access to Okta’s customer support system leveraged a service account stored in the system itself. This service account was granted permissions to view and update customer support cases. During our investigation into suspicious use of this account, Okta Security identified that an employee had signed-in to their personal Google profile on the Chrome browser of their Okta-managed laptop. The username and password of the service account had been saved into the employee’s personal Google account. The most likely avenue for exposure of this credential is the compromise of the employee’s personal Google account or personal device. 

How To Balance Work and Personal Browsing

Everyone needs to take a break at work, and that might mean using the internet for personal browsing on your company device, and most of the time this is going to be fine. If you’re reading the news, maybe even watching YouTube, there’s not a lot that can seriously go wrong (but do check your company’s IT Policy about that).

Assuming that this is all OK, I would still recommend that you take a few extra precautions to protect your company and personal data from cross-contamination.

Use Private Browser Sessions

Use Private Browser Sessions
Use Private Browser Sessions

Private browsing doesn’t mask or hide what you access on the internet and this is still visible to the ISP, and possibly your company IT Department. But, it does delete the browsing history when the browser is closed. This stops it appearing in the history of the main session.

It’s also very useful if you have multiple accounts on the same platform, such as Microsoft 365, allowing you to use your preferred browser for multiple concurrent sign ins.

How to Open Private Browsing Windows – Macnamara ICT

Use Multiple Browsers

Use Private BrowUsing private sessions doesn’t prevent you saving personal passwords in your company browser, or vice versa. If you have multiple browsers installed, use a private session on another browser you don’t use for work. For example, if you have Edge for work signed in with your M365 account, use a private Chrome session, without a signed in profile, to browse during your lunch break.

Never Save Personal Passwords at Work, Or Work Passwords At Home

Just get in the habit of not saving any personal passwords in your work browser. If your company allows you to work from a personal device, have a work profile set up and keep your activity separate.

How to Sign in to Edge Browser – Macnamara ICT

Setting Up A Sync Account in Firefox and Chrome – Macnamara ICT

Set Up MFA On Your Personal Accounts

MFA is not just there to protect company data, it’s there to protect you! Make sure all your personal email accounts, bank accounts, and anything else that you use has MFA enabled. If anyone ever gets hold of your password, they won’t be able to access your account without your phone. If you store passwords in your browser, make sure at the very least that account has MFA enabled so at least you’re not exposing your saved passwords.

Why Use Multi-Factor Authentication? – Macnamara ICT

Like this article?

Share on Twitter
Share on LinkedIn
Share by Email

Subscribe to our monthly newsletter

Get the best IT tips and Office ideas in your inbox

Further reading

How To Set Up Signatures In Outlook

Email signatures are important and have a number of purposes. A well designed signature can be a real benefit to your company brand. They also provide all your contact details, can be used to help with marketing campaigns, and if you’re a business, provide important required information about your company registration. Here’s some guidance on adding signatures in Outlook.

Read More »

How To Find The Conflicts Folder in Outlook

In Outlook, the Conflicts folder is like a record of problems when your emails don’t sync well with the mail server. If there’s trouble syncing, you might end up with extra copies of the same email. These issues get listed in the Sync Issues folder. You wouldn’t often need to look in this folder, but over time it can get quite big, so you might occasionally need to see it to empty some space.

Read More »

How To Get Best Experience From Your Wireless Access Point

We all know that Wi-Fi can be much more convenient for your office setup than connecting everything via cable, and as Wi-Fi speeds and connectivity get better, more offices are switching to wireless. However, many people have concerns that wireless is less reliable than cabled, and they worry that they will struggle with weak signals or frequent disconnections. This blog will provide you with all the knowledge you need to get the best wireless experience and keep you at your desk rather than under it, fiddling with cables.

Read More »
Scroll to Top