When it comes to account logins, especially those with large overarching platforms like Microsoft, the line can sometimes get blurred between personal and business accounts.
The pandemic and rise of work-from-home teams have made this even more pronounced. It’s estimated that once the pandemic has passed, there will still be 25% to 30% of employees working from home multiple days per week.
When the line between business and personal gets blurred, it can lead to problems, security risks, and loss of important business data. That’s why companies should not allow employees to use a personal Microsoft account when using a business PC.
Instead, the company should have a business account set up for the user that uses their work credentials, which companies maintain control over.
What can go wrong if you use a personal Microsoft account on a work computer?
Here are a few of the pitfalls.
If an Employee Leaves, Their Account Goes With Them
The Windows environment can include several types of files and data that need to be retained after an employee leaves your company. This could include syncing backup files, browser-stored company passwords, etc.
If you’ve allowed an employee to use a personal Microsoft account on their business computer, you could end up losing all that valuable data when they log out and leave the company for good.
If the person is using a business account, you retain control of that account and to the entire Windows environment that’s attached to it.
Personal Files Can Sync and Mix With Business Files
One of the prompts that Microsoft gives during Windows setup is to sync your files with OneDrive so you can access them from other devices (smartphone, tablet, etc.). With both personal devices and a work device syncing on the same user account, you end up with an unsecured mix of personal and business files.
This is bad for both the company and the user because each can have sensitive information end up in places they never intended.
For example, you don’t want a child of an employee that is using their parent’s tablet to be able to access and accidentally delete business documents. Just as an employee doesn’t want their vacation photos to end up being backed up to a shared company folder that the whole company can access.
Personal Wallpapers May Not Be Work Appropriate
Microsoft accounts save user settings, and this includes desktop wallpapers. If an employee is signing into their work PC with a personal Microsoft account, then whatever personal wallpaper they set for their home computer will default.
This could be a problem when they’re in a meeting and are asked to share a screen if that wallpaper is less than work appropriate.
The Employee’s Personal Account Could Have Access to Active Directory & Other Sensitive Environments
If an employee is an administrator of a company network and has access to your Active Directory, Azure environment, and other administrative areas of your IT infrastructure, allowing them to use a personal account can be a big security liability.
If that same user has a cloud account breached that uses that same personal email address, then any other account using the same credentials is at risk.
It’s best to keep all accounts, and especially those of administrators, on company Microsoft accounts that you control and can set permission levels for.
You Risk a Compliance Breach & Leak of Sensitive Information from a Personal Device
If an employee is syncing work files with their home PC because they’re logged into both on the same personal Microsoft Account, this can leave you open for a PCI, HIPAA, or other compliance breaches.
If you have sensitive customer or vendor information that is considered PII (Personally Identifiable Information) and it’s accessible from an unprotected device, you could be fined some stiff penalties should that device be breached, lost, stolen, or infected with ransomware.
Stored Account Passwords Can Be at Risk
Another area where it’s a bad idea to mix personal and business is browser-stored passwords.
When logged into your Microsoft account, Edge will provide access to any stored logins saved on that user account.
This would give anyone using that employee’s personal devices access to stored company logins. What happens if that employee is in the accounting department and has stored the online banking login while logged into their personal Microsoft account? Just one nefarious “friend” borrowing that person’s laptop could mean a major problem.
Stored personal passwords are an issue on the employee’s side as well. For example, they could get a workstation upgrade and forget to log out of their Microsoft account. Then someone else that is issued their old PC could have access to a saved Amazon account log in with a stored credit card attached.
Need Help Properly Setting Up Your Microsoft Logins?
C Solutions can help your Orlando area business sort through any potential issues with work and personal accounts so you can reduce unnecessary risk.
Schedule a free consultation today! Call 407-536-8381 or reach us online.