We’ve been saying this to our clients for years, but especially with many of us working from home, it needs to be reiterated – do not use your work devices for personal use, or vice versa.

While this isn’t a new warning out there, it is one that has become more relevant since the start of COVID-19 with more people working from home. It can be far too tempting to interchange our work and personal devices when someone is sitting at a desk, kitchen table (or the couch), to have meetings, do personal video chats, shop online and more. Even the closest device, regardless of it being one from work or originally from home, can be tempting for other family members to use for a “quick” Google search, submit a homework assignment, or check social media. The line between using personal and work devices for any purpose has been definitely been blurred for some.

There are a few major risks that should caution you from using personal devices for work; and browsing and storing personal data on work devices. Not only could it be uncomfortable or embarrassing should a situation arise where someone at work needs access to your device and finds personal information – but it could also lead to serious consequences should a cyber-attack occur and a seemingly harmless bit of data has been saved or accessed on the wrong device.

In this article, an example is given about an ex-CIA director, who’s family ended up using his work laptop (that was connected to the internet, with hard drives containing classified information) for a variety of personal reasons, such as for university, preparing documents for travel and even a few high-risk porn sites. Once it was discovered that his family had access to his work laptop and were using it regularly, his security clearance was revoked and he pleaded guilty to a misdemeanor charge.

Now, it does say there was no evidence that any confidential or top secret information was accessed or compromised. But if there had been evidence of a hack, the damages that would have followed could have been catastrophic. Given that cyber-attacks can happen via phishing, credentials being accessed on the dark web, malware etc, it is critical for you and your team to be aware of when they are using both work and personal devices.

This is even besides the fact that if someone leaves a job or changes a machine, they might not have the time to remove their personal data completely from their work device. Not to mention that since the beginning of COVID-19, surveillance and monitoring software has become more prevalent in workplaces with people working from home.

So the takeaway – save yourself a potentially embarrassing situation (or worse) and help your company with security: do work on work devices only; and keep personal data/browsing separate.