It’s harder than you think
The scenario is this: you’re ending a long and successful relationship with your employer (or maybe a not-so-long or not-so-successful one).
While there, you were allowed to use your work computer to check your personal email, use an instant messaging client, check in on Facebook, and even surf the web for non-work related things.
Now, on your way out the door, you’d like to make sure your personal account information isn’t left behind. Perhaps you’d like to clean up a few other traces of your activities as well.
Become a Patron of Ask Leo! and go ad-free!
The only complete way to remove yourself from a machine is to erase the hard disk completely and reinstall the operating system. You can clear traces from messaging software, browsers, email programs, and various parts of Windows own history, but it can never be complete. Best is to avoid there being an issue by using your work machine only for work, and never doing anything on it you wouldn’t want discovered.
It can’t be done completely
Before I begin, I must caution you: there’s simply no way to ensure that all traces have been completely and irrevocably removed.
The only way to do that is to reformat the machine you’re leaving behind, erasing everything on it, which I assume you’re not allowed to do. Even if you were, had your organization installed spyware or been monitoring your network activity — both of which are allowed in most workplaces — the traces you might want to erase might not even be on your machine.
The steps here will keep honest people honest, making it difficult (but not necessarily impossible) to recover some of your information. Should someone have enough interest and resources, it’s possible to recover a tremendous amount of supposedly deleted information. It’s not easy or cheap, but it is possible.
Before you ever use someone else’s computer — even “your” computer at work — be aware that you will leave a trail, and behave accordingly.
Chat and Instant Message software
IM software seems to be a particularly convenient and not terribly intrusive way to stay in touch with friends, family, colleagues, and even coworkers.
There are several things you’ll want to work with before you leave.
- Message history. Make sure it’s not only turned off, but deleted as well.
- Auto-login. Make sure this is turned off.
- Remove your account. This one’s a little less obvious. Even without auto-login selected, your account may still be listed as an option for logging in to whatever messaging program you use. Look for ways to delete that, if you can.
- Change your password. This is just good practice. Do it from a different machine, such as your own at home, where you know your activity is not being monitored.
Exactly how you do each of those things, or whether they even apply, will vary depending on the specific program you’ve used.
Web browser
In an effort to be helpful, most web browsers remember a lot of information you’ve supplied as you’ve used them. Some things to do before you leave include:
- Clear history. This is the list of sites you’ve visited over some period of time.
- Clear auto-fill. These are the suggestions that appear when you’re filling out online forms or typing things into the address bar.
- Clear remembered passwords. While having the browser remember passwords for you can be a convenience, realize that your information is available to anyone who uses that computer after you do.
- Clear the cache. The cache is a speed optimization that makes the browser display webpages more quickly. It also leaves a trace of what websites you’ve visited recently.
- Clear cookies. The cookies left on your machine by the websites you visited amount to a record of which sites you visited.
There’s a strong argument that you should clear absolutely everything your browser will allow you to clear.
This will vary a lot based on the email client you use, but in general, here are the things to look at.
- Empty deleted mail. Empty any “deleted mail” folders that hold personal emails or information.
- Remove personal mail. Scan for personal mail in all remaining folders and delete emails as appropriate. You may also want to copy items in some way if you want to save them for yourself. Don’t forget the “Sent Mail” folder, if you have one.
- Delete your personal account. If you’ve configured your email program with your personal email account in addition to work-related accounts, make sure to delete your personal email account settings.
- Change your password. Again, this is just good practice in case you left a trace of your personal email account on the machine. And again, do this from a different machine (ideally your own) after you’re done with your work machine.
- Compact folders. After you’ve deleted your personal email, compact folders if that’s an option in your mail program. Messages can sometimes be recovered from uncompacted files.
In the future, consider using only a web-based email reader to access personal email on your work machine.
Windows
Spend time reviewing what’s in My Documents or similar folders, including the subdirectories therein. The Downloads folder is one example where items could be left that you’ve long forgotten about. Be sure to copy any files you want to (and have the right to) take with you.
Consider running CCleaner, the Windows general purpose clean-up tool. It has options to delete a lot of history, temporary files, and saved passwords, not only for Windows but for several common applications as well. When you’re leaving a work machine behind, this is a case where it makes sense to let CCleaner be quite aggressive.
Your next job
The single most important thing you can do to protect yourself in the future is to keep your work and private lives separate. This means never using your work computer for anything personal, period. I know it’s convenient, and in many cases totally safe — but unfortunately, people don’t know how unsafe it is until they’ve been shown the door.
With the ubiquity of mobile devices these days, you have a very pragmatic alternative right in your pocket. Keep your personal life to your personal device.
Don’t connect to workplace Wi-Fi. As I alluded to earlier, businesses are generally allowed to monitor the traffic flowing over networks they provide, which means they could potentially monitor what you do over Wi-Fi.
Most workplaces don’t monitor individuals — at least not without cause. Most places are safe, and most people never run into a problem.
The problem is, we simply won’t know whether or not we fall into the category of “most” until the day we leave — at which point it’s too late.
Do this
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
I use a program called CCleaner (crap cleaner). Its free and does everything (and more) of what you’ve just said – and it deletes things permentally. Just because something’s deleted from the hdd’s page file doesn’t mean its removed or overwritten on the HDD. As file recovery software becomes increasingly cheap and effective, the paranoid have nowhere to turn to.
This is good advice for people who have the opportunity to do this. I know of a couple of cases where people who after having given notice weren’t allowed to touch their computers anymore and were immediately escorted off the premises. Apparently, the companies were afraid they would do something to harm the company. So it might be a good idea to do this clean-up before giving notice, or to be really safe, do it now and avoid using the company computer for anything which might be able to come back and haunt you. Your company can legally watch every keystroke you type on their computers.
Very Good Advice. Thanks!
I just simply don’t use a business computer for access to my personal services. Never have and never will.
I used to just wait until I got home to check my personal stuff. These days, and portable devices being the norm, it makes things a lot more convenient in my favour.
Using a work computer for your personal logging-in sites? Perish the thought. [shudders]
As I was reading the section about browser cache, stored passwords etc tidying, my initial thought was what if your company uses the Chrome browser? Not likely I know as most companies with an IT function default to IE. Unless you’re *really* careful with this browser you’ll have to disconnect the synchronisation that goes on otherwise the next time you synch at home or via your smartphone, all the stuff you get rid of from work goes there as well. This is where a useful feature of Chrome can become somewhat of an annoyance.
I read this article looking for how to remove all reference to my name from a computer. During initial setup, Windows or the computer or both ask for a name, and I unknowingly type mine in. I want to change it to something generic. I tend to pass computers along to people and don’t want them to have my name. This probably applies to computer name, workgroups of whatever kind, or other owner info.
The only way you can change the name on an account would be to create a new administrator account and delete the one with your name. That being said, the only safe way to pass a computer on to another person is to wipe the hard drive and reinstall Windows or restore to factory condition with the restore discs that come with the machine.
How can I securely delete everything except the operating system on a machine?
I have used CCleaner but a new true freeware cleaner on the market beats it hands down. I have compared the two. Try Privazer and you will never go back http://privazer.com/.
I use both CCleaner and PrivaZer. Privazer finds and cleans more stuff, but takes a long time to run. CCleaner is faster and pretty darn good of it is for regular daily use. If you are removing yourself from a machine, definitely PrivaZer.
I am not sure, but try defragging the hard drive to make undelete harder. It won’t stop a professional recovery expert.
Defragging probably wouldn’t help. It wouldn’t guarantee that files couldn’t be undeleted. All it does is rearrange the sectors on the hard drive. The free space wipe on a utility like CCleaner would be a more sure way to accomplish this.
In anything but the smallest companies, your Human Resources droids will have notified the IT droids of your termination date. Depending on how zealous IT is, you will find your account inaccessible on that date (maybe late or surprisingly early). Make sure you have everything off your machine (like if you want to export your contacts or address book or whatever) before that last day. Also, be sure to unsubscribe to any professional newsgroups and send out a change-of-status email to whoever you think will need it. In effect, your last day should not require you to even look at your computer, because if your IT is zealous, it will be a dead terminal.
This will not be possible at the largest companies. I work for a very large corporation with more than 100,000 pc’s. IT has restrictive policies in place to prevent downloading or executing unauthorized programs, so Ccleaner and Privazer are out. ALL email is cached on the servers, and automatic “My Documents” folders backups are scheduled weekly to the network. All workstations that we use are shared among many employees. None of these things can be changed by individual users, except by deleting old personal archives.
On top of that, we have roaming profiles enabled, so that if we are on a temporary assignment all the way across the USA, our files are still available when we log in to another computer in the domain. Since I personally log in to 5 or more local workstations, as well as remote workstations, in the course of my work, my files are everywhere, for as long as the archives exist. Some of my coworkers have 15 years or more of old emails and other correspondence on their systems and the servers.
We can’t make any assumptions regarding the security or lifespan of any of our data, since the data is migrated automatically when our systems are upgraded. We are not authorized to delete or remove our own accounts, this can only be done by IT per management instructions. Usually, the accounts are not even deleted when the employees leave the company, as I can see their users’ folders years after they have left.
Good luck removing your data!
Don
I retired from the federal government 4 years ago this month. The best I could do was to delete the emails and search history on the hard drive. Due to constant backups I knew the data was there on the backups but I made sure someone would have to look long and hard if they wanted it for some reason. I never never used my computer for anything personal I could not back up with an excuse in relationship to my personnel needs. No porn, no playboy, no nothing. I was not stupid and that is one reason I survived for 37 years. Good luck to all
Thought I did a good job cleaning up my laptop when I resigned from a company two years ago but your article tells me I failed miserably. Earliest hint was when a former colleague called me to mention their amusement about a personal document I had scanned and saved on that computer.
For some reason, all of a sudden I cannot logon to my laptop. After entering my password, I get a message stating, “Your User Profile Service service failed the logon. User profile cannot be loaded.” It seemed to happen just after I used Turbo Tax last year, although I can’t imagine that would affect the operation. Any thoughts?
I have worked for many small & large companies over the years & given a company computer to do work with. When you leave a large corporation with an IT dept. they usually don’t even bother looking inside your old computer – they’re too busy to do that. They don’t even ask you for the login info since they don’t login. What they do instead is re-ghost your PC for someone else to reuse as most large companies volume lease their computers (usually for 3 years). By re-ghosting I mean they have a standard company image they write onto the hard drive which overwrites everything you had on there. Essentially it’s the same as restoring a backup image from say Macrium Reflect or some other backup imaging program. All partitions are over-written. Knowing the companies I worked for all did this, I never had to clean my PCs. I just copied any personal files onto an external disk or flash drive that I wanted to save – not any proprietary company data.
I think this is true for many companies. The problem is we can’t really make assumptions about which — about the time you do assume that they’ll wipe your machine, a bored IT tech, or paranoid VP, might start poking around. I think this is particularly true for small to mid-sized companies. (Larger ones are more likely to capture things via spyware, or via the network.)
I’ve used Thunderbird Portable run from a USB flash drive on a work computer to access my emails.