Inappropriate material on work computer

[Katrinawaves]

I’ve found myself in a mess and not sure what to do.

Been having marital problems with my husband and have recently discovered he’s been using online porn, websites for extramarital affairs and also booked a threesome with prostitutes online. As if that wasn’t enough of a total headfuck, last night I discovered that our google browsing history on our home computer has synched with my work computer and all these sites are in the browsing history on my work laptop.

I told my boss as soon as I became aware and have just been emailed to say that a meeting has been set up on Monday with the head of cyber security at work. Am now even more stressed and panicking. WTF do I do now.

I’ve never shared my work password with my husband and I don’t think he has downloaded anything via my work computer. This is just I think a syncing issue. I’ve only been employed for 10 months so have no employment rights. Have an otherwise exemplary HR record.

Oh no if its syncing then it should be possible for them to see what's being viewed on which device. However, it depends if work are reasonable or not.

It's too late now, but I'm guessing you're using something like chrome? You can deactivate syncing on it.

Yes it is chrome on both devices.

I’m so humiliated to have to even tell work that this has been happening in my personal life but to potentially lose my job over it is tipping me over the edge stress wise. Even if they don’t fire me, people are going to know what’s happened and that’s not something they will easily forget

@Katrinawaves please try not to worry. I'm sure work will be able to tell which device actually accessed it. You have done the right thing by being proactive.
Not sure what your plans are re marriage but having support from your boss should your marriage breakdown is not a bad thing.
Just remember that none of this us your doing and no need to be embarrassed by the actions of your husband xx

Did you have another thread about this, OP? I read something with more posts earlier today.

IT will have dealt with many employees accessing sites they shouldn't have, this will be small fry to them.

Horrible situation and worse that you’ve had to let your employer know.

The meeting could be to help you ie instruct you how to set up your home pc to protect your personal content and work content.

If they were they were thinking of disciplinary action HR would be involved, surely.

Stay strong.

This happens all the time with Chrome. Honestly, I think by telling them you've probably forced them to act. The history can just be cleared across devices and most IT depts wouldn't ever find it because they are not set up to look at browsing history - just traffic over their own network.

@HollowTalk yes I posted in IT last night trying to work out what might have happened. The employment issue is new though - I’ve just found out about the meeting - and is an employment issue not an IT one so I started a thread in this part of the forum for advice on how to handle this side of things.

You shouldn’t have shared your password; I suggest that you don’t tell them you have and delete this thread as that is a sackable offence in most places of work. Syncing devices is slightly different, they might not be impressed by that but would be treated differently than password sharing.

Awful situation for you to be in.

Try to look at the positives (I know it’s hard!)

You let them know as soon as you found out, that shows integrity
You haven’t downloaded anything, IT will be able to prove that
You will be honest with them and look for support
Work out how you can stop this happening again, show them you have thought about ways to stop the issue happening again

Hopefully they will be sympathetic to your situation, dig out your computer policy and have a read YOU haven’t done anything here

I didn’t share my password. I’ve never told him my password and never left my work computer logged in at home. I said that in my OP.

They will be able to see what times it was accessed and on what device, so if it's simply synced over, that will be clear. Although is it against your IT policy to have your home and work computers syncing? It has always been for me, so that there's no risk of work systems or documents being accessible from personal devices, but I work with the Cloud a lot. It may not be standard.

All you can do is go the meeting, explain what you believe has happened and assure them that you wouldn't allow the devices to sync again. Have you been told if you can take someone to the meeting? If so, are you planning to take someone?

Is the chrome sign in a personal or work gsuite sign in?

It could just be to make sure you are all clear how It happened and how to prevent it recurring. Hence cyber security involvement.

I'm sorry you're having to go through all this.

It’s a personal sign in. At work we use internet explorer for email and calendar but our intranet and training don’t work properly on IE so we also have google chrome installed to access them. I don’t have any work google credentials only personal ones.

It's really easy to see on chrome history which devices have visited which sites. I think you should be OK

Ok

Then sign out of the personal sign in on chrome on your work laptop. If you have to sign in to chrome (unlikely it’s a convenience) set up a new gmail and use that to sign into chrome at work.

Your remaining issue is any cached work credentials in chrome on your previous sign in as by using the same browser sign in on a non work device anyone using it could have accessed work information.

Did your employer provide any guidelines on using chrome when it was installed?

@CatalogueUniverse. No we didn’t get any training when I joined.

I haven’t been using work applications on my home computer though and I don’t have any google work credentials. I have occasionally checked my personal gmail account on my work computer which I guess is how the browsing history from home has got synched across. We’ve never been told this is not permitted.

I don’t really know whether any confidential work stuff will be on my home computer because of what’s happened. Presumably cyber security would be able to see if that was the case from the browser history and help me delete it?

That might still leave my job at risk though if this has happened.

If your employer did not provide specific guidance on chrome - do not sign in, or only use a sign in you do not use anywhere else, it’s their security hole.

They could have configured it to block sign in. Or set up g- suite and only allowed work sign in. Or various other options.

Ultimately if they neither specifically said- this is how you must use chrome, or prevented the use of non- work g suite sign in it is not your fault.

The cached credentials I mean are the ones you use to sign in to the intranet and training. Or any other work sign ins you have made when using chrome. That remember me option is useful, but does transfer if you use same chrome sign in on another device, so anyone using the signed in chrome could access whatever websites have saved your sign in info.

There is absolutely no way you will be the only person who has been unwittingly caught out by this. As soon as anyone goes into gmail, chrome “helpfully” signs in the browser as that account.

Hi, OP - well done for ‘owning’ the situation and telling work.

I suspect involving the Cyber Security is to purge your history and avoid a recurrence from a tech perspective

Irrespective of this issue what does your terms & conditions say about accessing the likes of personal email accounts with work IT. How are you covered if for instance you open an infected email which corrupts your laptop? If there's nothing in their guidance that forbids that kind of thing then you should be ok.
Their IT procedures might be in the small print so do some digging if you can.

I suspect involving the Cyber Security is to purge your history and avoid a recurrence from a tech perspective

That's my thought too. The fact that you told them as soon as you found out will be in your favour too.

Good luck.

Yes, I think that CS will want to prevent a recurrence. I don't think it means you're in trouble, OP. I can't imagine this has helped your marital problems.