Comment on this story
Comment
You’ve decided to leave your job and now it’s time to turn in your devices. But what should you do first? Grab all your personal documents and delete them? Do a factory reset to ensure none of your personal data gets left behind? Or do you turn the devices back in as they are, with your two-year-old’s photos and medical documents in tow?
These are common questions workers face as they switch jobs, which became increasingly popular during the Great Resignation. And it’s become particularly tricky as many workers’ professional and personal lives — and their corresponding data — have become intertwined during the pandemic with new flexible working styles. But properly navigating how to keep track of what’s yours, what’s not and how best to transfer your data may be the difference between an uneventful departure and one that could spur internal investigations or even civil or criminal charges.
“With the increase of people working remotely and more geographically dispersed because of covid, this comes up all the time,” said Mark Neuberger, labor and employment lawyer at Wisconsin-based firm Foley & Lardner. “It’s a significant issue for both employers and employees.”
But don’t fret. Workplace security, software and legal experts have offered us advice to help you through this transition. Before we dive in, I’d like to remind you that the Help Desk is here for you. We want to hear about your toughest workplace tech challenges and curiosities. Drop us a line and we’ll do our best to find answers for you.
That said, let’s get down to business.
Q: What should I do and avoid before returning my company laptop or mobile device?
A: To make your life easier upon exiting, experts say it’s best to get ahead of the problem rather than spending your last days frantically trying to figure out what’s where and whether something belongs to you. The three best ways to do this are to keep as much of your personal documents, photos and files off company devices or alternatively in one place — like a folder on your laptop — so you can easily find your data. Make sure you know your company’s rules, and be transparent with your employer about what you’ll be taking with you. But beware: Some things you think you own may be disputed by the company as their property.
“The safest, most conservative thing to do is to go to your employer first and not take anything off of company owned devices that the employer doesn’t consent to,” said Mike Kasdan, partner who focuses on intellectual property law at Connecticut-based law firm Wiggin and Dana. “But you should also have a broader concept of what [might be considered] trade secrets. It gets into financial information and customer and supplier information.”
Transferring contacts/data: A list of contacts could be viewed as a client list to your company, which may be considered proprietary information that can’t leave the company. So it’s always best to check with your employer before exporting your contacts from Outlook, Gmail or your smartphone. (Look for ‘export’ in Gmail and Outlook to transfer contacts to a CSV file, which can easily be imported to another device. You can also export email and calendar items. Both Android devices and iPhones allow you to either export contacts or directly transfer contacts to some devices.)
The same can be true for seemingly innocent transfers of data. For example, you may want to take a presentation you would like to use as template for the future. But if that presentation has private company information in it, you could get into hot water. The same is true for casual emails you might want to keep or calendar entries that may include sensitive information.
“That’s one of the easiest ways to get into a lot of trouble,” said Dan Wilson senior director analyst, who covers the digital workplace for Gartner. “So make sure to fully understand the context and content of the data.”
Even if you are taking what you consider indisputably yours — perhaps you have personal medical documents or family photos on your devices — if you’re moving large amounts of data around, deleting and exporting, you could trigger company monitoring systems. Wilson said some companies monitor movement of data of employees who may have access to valuable information, are disgruntled or are headed to a competitor. Large amounts of data movement could signal an unauthorized transfer even if it’s not nefarious.
“You’re better off getting someone to agree to remove that data, whether it’s HR or a supervisor,” Wilson said.
Search for data: Workers commonly forget where they may have personal data stored, even if they’re making their best efforts to keep it together. For example, you may have downloaded personal files and left them in the “downloads” folder on your laptop or the “files” folder on your iPhone. There may be photos in your WhatsApp or text messages. So make sure you check all apps and folders where you may have unintentionally stored personal items, said Mark Ostrowski, head of engineering at cybersecurity software firm Check Point.
Deleting items and logins: If you do decide to delete personal photos or documents, know that your company may already have a copy. Deleting emails likely won’t delete the company’s copy of it. The same may be true for items on your phone. But Ostrowski said it’s still worth deleting so there aren’t extra copies on your devices. You may also want to review and delete items backed up in your cloud storage, too.
“Have a good idea of what your footprint looks like,” Ostrowski said. “It’s super important.”
You also should make sure you’re logged out of any apps, especially personal accounts like Amazon, Gmail or Facebook, and clear your web browsers’ history as well as any saved payment or login information, said Wilson. Log out of your Apple ID and turn off “Find my” tracking setting if you used a personal account.
Factory reset? When deleting data, be extra cautious, as this could lead to legal trouble. Experts recommend that you don’t do a factory reset. Employers often have their own rules around data retention and in some cases may be legally obligated to keep certain information for a specified amount of time. So leave the factory resets to your employer.
Forgotten data: Workers should also make sure they check for anything they may have inadvertently kept. Did you once download a presentation or client sheet onto a thumb drive or external drive so you could work from home? Did you email your personal account with some documents that have sensitive source code in it? These are all possible red flags for employers and could cause you problems at your new place of work.
“You don’t have to have to have the nuclear codes to get in trouble,” Neuberger said. “Worst case scenario … they can come after you with civil or criminal charges.”
The reality is that tracking and separating work and professional data have become messy. While experts say the best practice is to avoid using work devices for anything personal, there’s likely to be some crossover. And often employers are relatively understanding about the issue, experts note.
“Not everyone can have two phones and two laptops,” Kasdan said. “But it does help to be organized … and [honest] with your employer.”
Source by www.washingtonpost.com