Security Experts:

Things to Remember While Holiday Shopping at the Office

This week, and the week after, plenty of you will do some holiday shopping at the office. Cyber Monday, nothing more than a crafty way for sales and marketing people to bill extra hours, offers huge savings and an equal dose of risk. Here are some things to consider if you’re planning to partake.

Rule number one. Unless the office allows personal Internet usage, you could be risking your job if you’re caught shopping on the company clock. This includes using your mobile device or the system assigned to you by IT. Then again, according to Robert Half Technology (IT headhunters), you may be in the clear.

The staffing firm recently said that about 30% of the 1,400 CIOs they interviewed reported plans to block Web-based storefronts, translating into a clear sign that employees were free to shop for the most part. However, the report made no mention of how many of those CIOs were not planning to block shopping due to existing policies enforcing a ban. In addition, 55% of them said that while they would allow it, they would monitor access for excessive use.

"Many businesses acknowledge the need for flexibility during the hectic holiday season and allow some online shopping at work, within reason," said John Reed, senior executive director of Robert Half Technology.

The reality, Reed added in a statement, is that allowing employees to tackle personal to-do lists at work can help maintain productivity because workers are spared the traffic delays and long lines that accompany holiday crowds.

At the end of the day, “no online promotion is worth putting your career at risk,” Robert Half adds as a reminder.

After that, the other aspects to consider this holiday season are the ones that are standard most of the year. Avoid clicking on random links that arrive via email promoting a sale or other promotion. Ensure that your system is using the latest browser version; has all of its OS patches, and the anti-Virus is up to date.

"Scammers and online phishers see one thing when it comes to the holidays — more consumers sharing their information online to steal," said Entrust President and CEO Bill Conner. "As consumers have moved to using mobile devices and conducting transactions online, the number of breaches and hacks has increased. Malware that can infect your computer and take your credit card information is easily hidden in fake emails and pop-up ads. However, simple awareness can be one of the biggest obstacles to cybercriminals stealing your information."

“Buy from websites that have established a reputation for doing what they say, providing accurate descriptions of merchandise, and delivering it in good shape and on time. When you’re getting down to the wire with shipping deadlines, the last thing you need is friends and relatives getting the wrong gifts, which could be worse than no gifts at all,” advises ESETs Stephen Cobb.

Entrust also reminded of the importance of keeping Browser and security software up to date. “Those reminder pop-ups you receive may seem like an annoyance; however, these are sent for a reason. Many browsers and security vendors update the technology based on specific malware and/or viruses, and those updates are extremely important to guard against those particular threats,” Entrust noted. “The newer browsers also feature more advanced anti-phishing tools (e.g., EV SSL) than older browsers. As a result, it is wise to be diligent about regularly updating software.”

In addition, Cobb added, that it’s important to pay attention to where you are connecting from.

“If you need to do any shopping over Wi-Fi, at home or at a hotspot, make sure it is secure (look for the lock symbol in the Wi-Fi connection dialog). The last thing you want is someone snatching your personal and financial details out of thin air as you transmit them from your laptop (or smartphone or tablet).”

If possible, shop by using a pre-paid credit card or a credit card. This way, if you fall victim to a scam or card related crime, there is a much larger chance of limiting your loss. These protections do not exist for debit cards in most cases.

There are some other general tips available from ESET, which can be seen here. Otherwise, shop smart and safe during the holiday season.

Subscribe to the SecurityWeek Email Briefing
view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.