It’s harder than you think
The scenario is this: you’re ending a long and successful relationship with your employer (or maybe a not-so-long or not-so-successful one).
While there, you were allowed to use your work computer to check your personal email, use an instant messaging client, check in on Facebook, and even surf the web for non-work related things.
Now, on your way out the door, you’d like to make sure your personal account information isn’t left behind. Perhaps you’d like to clean up a few other traces of your activities as well.
Become a Patron of Ask Leo! and go ad-free!
The only complete way to remove yourself from a machine is to erase the hard disk completely and reinstall the operating system. You can clear traces from messaging software, browsers, email programs, and various parts of Windows own history, but it can never be complete. Best is to avoid there being an issue by using your work machine only for work, and never doing anything on it you wouldn’t want discovered.
It can’t be done completely
Before I begin, I must caution you: there’s simply no way to ensure that all traces have been completely and irrevocably removed.
The only way to do that is to reformat the machine you’re leaving behind, erasing everything on it, which I assume you’re not allowed to do. Even if you were, had your organization installed spyware or been monitoring your network activity — both of which are allowed in most workplaces — the traces you might want to erase might not even be on your machine.
The steps here will keep honest people honest, making it difficult (but not necessarily impossible) to recover some of your information. Should someone have enough interest and resources, it’s possible to recover a tremendous amount of supposedly deleted information. It’s not easy or cheap, but it is possible.
Before you ever use someone else’s computer — even “your” computer at work — be aware that you will leave a trail, and behave accordingly.
Chat and Instant Message software
IM software seems to be a particularly convenient and not terribly intrusive way to stay in touch with friends, family, colleagues, and even coworkers.
There are several things you’ll want to work with before you leave.
- Message history. Make sure it’s not only turned off, but deleted as well.
- Auto-login. Make sure this is turned off.
- Remove your account. This one’s a little less obvious. Even without auto-login selected, your account may still be listed as an option for logging in to whatever messaging program you use. Look for ways to delete that, if you can.
- Change your password. This is just good practice. Do it from a different machine, such as your own at home, where you know your activity is not being monitored.
Exactly how you do each of those things, or whether they even apply, will vary depending on the specific program you’ve used.
In an effort to be helpful, most web browsers remember a lot of information you’ve supplied as you’ve used them. Some things to do before you leave include:
- Clear history. This is the list of sites you’ve visited over some period of time.
- Clear auto-fill. These are the suggestions that appear when you’re filling out online forms or typing things into the address bar.
- Clear remembered passwords. While having the browser remember passwords for you can be a convenience, realize that your information is available to anyone who uses that computer after you do.
- Clear the cache. The cache is a speed optimization that makes the browser display webpages more quickly. It also leaves a trace of what websites you’ve visited recently.
- Clear cookies. The cookies left on your machine by the websites you visited amount to a record of which sites you visited.
There’s a strong argument that you should clear absolutely everything your browser will allow you to clear.
This will vary a lot based on the email client you use, but in general, here are the things to look at.
- Empty deleted mail. Empty any “deleted mail” folders that hold personal emails or information.
- Remove personal mail. Scan for personal mail in all remaining folders and delete emails as appropriate. You may also want to copy items in some way if you want to save them for yourself. Don’t forget the “Sent Mail” folder, if you have one.
- Delete your personal account. If you’ve configured your email program with your personal email account in addition to work-related accounts, make sure to delete your personal email account settings.
- Change your password. Again, this is just good practice in case you left a trace of your personal email account on the machine. And again, do this from a different machine (ideally your own) after you’re done with your work machine.
- Compact folders. After you’ve deleted your personal email, compact folders if that’s an option in your mail program. Messages can sometimes be recovered from uncompacted files.
In the future, consider using only a web-based email reader to access personal email on your work machine.
Spend time reviewing what’s in My Documents or similar folders, including the subdirectories therein. The Downloads folder is one example where items could be left that you’ve long forgotten about. Be sure to copy any files you want to (and have the right to) take with you.
Consider running CCleaner, the Windows general purpose clean-up tool. It has options to delete a lot of history, temporary files, and saved passwords, not only for Windows but for several common applications as well. When you’re leaving a work machine behind, this is a case where it makes sense to let CCleaner be quite aggressive.
Your next job
The single most important thing you can do to protect yourself in the future is to keep your work and private lives separate. This means never using your work computer for anything personal, period. I know it’s convenient, and in many cases totally safe — but unfortunately, people don’t know how unsafe it is until they’ve been shown the door.
With the ubiquity of mobile devices these days, you have a very pragmatic alternative right in your pocket. Keep your personal life to your personal device.
Don’t connect to workplace Wi-Fi. As I alluded to earlier, businesses are generally allowed to monitor the traffic flowing over networks they provide, which means they could potentially monitor what you do over Wi-Fi.
Most workplaces don’t monitor individuals — at least not without cause. Most places are safe, and most people never run into a problem.
The problem is, we simply won’t know whether or not we fall into the category of “most” until the day we leave — at which point it’s too late.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!