What can the people at your company helpdesk see? Most likely everything. Here’s a story that shows the naked truth about what your helpdesk people might be looking at.

I had just joined the helpdesk team of 16 people. I noticed right away there was a lot of time to burn. The helpdesk didn’t spend a lot of its time helping computer users. They mostly browsed the web all day. They would share downloaded movies and various humorous web sites with one another. One day I saw about 5 guys standing around a desk gazing at the computer screen. They were looking at the contents of another employees PC. This particular employee was a woman who decided to purchase a Handspring PDA with a camera. Among the artsy photos she had in there, she also had pictures of herself, naked. How embarrassing. Upon further review, the PDA software had been uninstalled from the PC long ago. However, the data was kept intact as most software uninstalls are designed not to delete data. This woman spent months with this stuff on her PC. Little did she know that the boys up in IT were enjoying her photography almost every day. There are all kinds of things you can find out about a person from getting documents from their PC. Email, forms, pictures, letters to family members, anything on the computer can be found by any IT employee with admin rights. Some people choose to be lazy about items kept on their PC. They say “What do I care if they find a letter I wrote years ago to my mom?” Others don’t know that IT employees can see everything. You need to take notice and responsibility for what’s on your company PC. It can affect your reputation or even get you fired. I have come across documents with social security numbers, maiden names, credit card numbers, and even images with a copy of a drivers license. All of these can be used for identity theft. I’ve seen email to mistresses and email including a sexual dialog. It’s a good thing our IT team wasn’t into blackmail.

How do you protect yourself? Keep personal items off your company PC. If you connect to your company network from home via a VPN connection, that PC you use can be searched too. Deleting email isn’t good enough to make sure it’s gone for good, but it helps. It’s best not to use your company email account for personal dialog because it is backed up and any email can be undeleted. However, be aware that even your personal web mail can be viewed if you are viewing it from work, although it’s not as likely to be viewed as internal company email.

If you have certain documents that are personal, but you must keep somewhere on your PC, try storing them in a folder that isn’t obvious. This makes personal files more difficult to find. Snoopers are more likely to try to find things in your My Documents folder rather than a folder named “Terri’s School Work”. Make the folder name as uninteresting as you can. Also use ambiguous filenames if possible.

There are also applications available that encrypt documents so that nobody but you can read them without a password. Windows XP includes its own encryption system. You can find out how to use it at http://www.microsoft.com/windowsxp/using/security/learnmore/encryptdata.mspx.

If you have rights to install software on your own computer, install your own personal firewall software. Installing a local firewall will block anybody from getting in and seeing your data easily. I recommend Zone Alarm. You can download a free copy at http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp