Dangers of using your personal email at work

There are many free personal email accounts available whether you get it from your Internet Service Provider, Gmail, Outlook.com/Hotmail, Yahoo, or others. With the easy availability and numerous features of these solutions, it is tempting to sometimes use them at work or for work related tasks. What may not be so apparent are the security concerns in doing so. Below are a few of the reasons to not use personal email providers for work activity or access your personal emails at work.

Personal email accounts for work tasks
Opening emails in your personal account bypasses all the email security tools that have been designed for our work environment (blocking known spammers, virus scanning, filtering SPAM messages, limiting who can send to sensitive distribution lists, etc). Our system was designed to meet the legal and best practice requirements our agency operates under. Two examples of these requirements are the Washington OCIO standards and Washington data retention laws.

A common way for attackers to compromise a machine is to pose as an online advertiser and slip malware into their banner add. All a user needs to do is visit the site and they inadvertently execute the code. This has happens quite often and to even big name sites like NBC.com, MLB.com, New York Times, and the London Stock Exchange. The nice thing about most corporate email, including CTS, is that it doesn’t have banner advertisements so it can’t be infected using these means.

Viewing personal email at work

Could the latest funny video sent by Uncle Tom or Aunt Susie be infected with a virus? Who did they get it from? Do you trust the creator of the email and everyone who forwarded it?
Do you have personal emails you don’t want to share with the public? If you access it on a state computer or through the state network it can fall under the Freedom of Information Act.

NBC.com infected
Banner Ad Malware