What your IT Department Won't Tell You

In between typing up reports and poring over spreadsheets, we use our office PCs to keep up with our lives.
There's only one problem with what we're doing: Our employers sometimes don't like it. Partly, they want us to work while we're at work. So they've asked their information-technology departments to block us from bringing our home to work.
End of story? Not so fast. To find out whether it's possible to get around the IT departments, we asked Web experts for some advice. Specifically, we asked them to find the top 10 secrets our IT departments don't want us to know. How to surf to blocked sites without leaving any traces, for instance, or carry on instant-message chats without having to download software.
Lifehacker.com
BoingBoing.net
Here, then, are the 10 secrets your IT department doesn't want you to know, the risks you'll face if you use them -- and tips about how to keep yourself (and your job) safe while you're at it.
1. How to send giant files
If you send anything larger than a few megabytes, chances are you'll get an e-mail saying you've hit the company's limit.
Companies cap the amount of data employees can send and store in e-mail.
The Trick: Use online services such as YouSendIt Inc., SendThisFile Inc. and Carson Systems Ltd.'s DropSend, which let you send large files - sometimes up to a few gigabytes in size - free of charge. To use the services, you typically have to register, supplying personal information such as name and e-mail address. You can then enter the recipient's e-mail address and a message to him or her, and the site will give you instructions for uploading the file. In most cases, the site will send the recipient a link that he or she can click to download the file.
How to Stay Safe: Some of the services are more reputable than others. YouSendIt, for instance, is a start-up run by a former Adobe Systems Inc. executive and funded by well-known venture-capital firms.
2. How to use software that your company won't let you download
The first is easier. Say your company won't let you download the popular AOL Instant Messenger program, from Time Warner Inc.'s AOL unit. You can still instant-message with colleagues and friends using a Web-based version of the service called AIM Express (AIM.com/aimexpress.adp). There's also Google Inc.'s instant-messaging service, Google Talk, accessible at Google.com/talk.
All three of our experts pointed to a company called Rare Ideas LLC (RareIdeas.com), which offers free versions of popular programs such as Firefox and OpenOffice. You can download the software onto a portable device like an iPod or a USB stick, through a service called Portable Apps (PortableApps.com). Then hook the device up to your work computer, and you're ready to go. (But if your company blocks you from using external devices, you're out of luck.)
3. How to visit the Web sites your company blocks
The Problem: Companies often block employees from visiting certain sites -- ranging from the really nefarious (porn) to probably bad (gambling) to mostly innocuous (Web-based e-mail services).
The Trick: Even if your company won't let you visit those sites by typing their Web addresses into your browser, you can still sometimes sneak your way onto them. You travel to a third-party site, called a proxy, and type the Web address you want into a search box. Then the proxy site travels to the site you want and displays it for you - so you can see the site without actually visiting it. Proxy.org, for one, features a list of more than 4,000 proxies.
Another way to accomplish the same thing, from Frauenfelder and Trapani: Use Google's translation service, asking it to do an English-to-English translation. Just enter this -- Google.com/translate?langpair=en|en&u=www.blockedsite.com -- replacing "blockedsite.com" with the Web address of the site you want to visit. Google effectively acts as a proxy, calling up the site for you.
The Risk: If you use a proxy to, say, catch up on e-mail or watch a YouTube video, the main risk is getting caught by your boss. But there are scarier security risks: Online bad guys sometimes buy Web addresses that are misspellings of popular sites, then use them to infect visitors' computers, warns Lobel. Companies often block those sites, too -- but you won't be protected from them if you use a proxy.
How to Stay Safe: Don't make a habit of using proxies for all your Web surfing. Use them only to visit specific sites that your company blocks for productivity-related reasons - say, YouTube. And watch your spelling.
4. How to clear your tracks on your work laptop
The Problem: If you use a company-owned laptop at home, chances are you use it for personal tasks: planning family vacations, shopping for beach books, organizing online photo albums and so on. Many companies reserve the right to monitor all that activity, because the laptops are technically their property.
In IE7, click on Tools, then Delete Browsing History. From there, you can either delete all your history by clicking Delete All or choose one or a few kinds of data to delete. In Firefox, just hit Ctrl-Shift-Del -- or click Clear Private Data under the Tools menu.
5. How to search for your work documents from home
The Problem: You're catching up on work late at night or over the weekend - but the documents you need to search through are stuck on your office PC.
The Trick: Google, Microsoft, Yahoo and IAC/InterActiveCorp's Ask unit have all released software that lets you quickly search your desktop documents. On top of that, some will let you search through documents saved on one computer from another one. How does it work? The search company keeps a copy of your documents on its own server, so it can scan those copies when you do a search remotely.
To use Google's software -- among the most popular -- follow these steps on both your work and home PC. First, you'll need to set up a Google account on both machines by visiting Google.com/accounts. (Be sure to use the same account on both computers.) Then go to Desktop.Google.com to download the search software. When it's up and running -- again, do this on both machines -- click on Desktop Preferences, then Google Account Features. From there, check the box next to Search Across Computers. After that point, any document you open on either machine will be copied to Google's servers -- and will be searchable from either machine.
The Risk: Corporate technology managers offer this nightmare scenario: You've saved top-secret financial information on your work PC. You set up desktop-search software so that you can access those files when working from home on your laptop. Then you lose your laptop. Uh-oh.
On top of that threat, researchers have found vulnerabilities in Google's desktop-search software that could let a hacker trick a user into giving up access to files. (Those vulnerabilities have since been fixed, but more could crop up, he says.)
How to Stay Safe: If you have any files on your work PC that shouldn't be made public, ask your IT administrator to help you set up Google Desktop to avoid accidental leaks.
6. How to store work files online
The Problem: Desktop search aside, most people who often work away from the office have come up with their own solution to getting access to work files. They save them on a disk or a portable device and then plug it into a home computer. Or they store the files on the company network, then access the network remotely. But portable devices can be cumbersome, and company-network connections can be slow and unreliable.
The Trick: Use an online-storage service from the likes of Box.net Inc., Streamload Inc. or AOL-owned Xdrive. (Box.net also offers its service inside the social-networking site Facebook.) Most offer some free storage, from one to five gigabytes, and charge a few dollars a month for premium packages with extra space. Another guerrilla storage solution is to e-mail files to your private, Web-based e-mail account, such as Gmail or Hotmail.
The Risk: A bad guy could steal your password for one of these sites and quickly grab copies of your company's sensitive files.
How to Stay Safe: When you're thinking about storing a file online, ask yourself if it would be OK for that file to be splashed all over the Internet or sent to the CEO of your company's top rival. If so, go for it. If not, don't.
7. How to keep your privacy when using Web mail
The Problem: Many companies now have the ability to track employees' e-mails, both on work e-mail accounts and personal Web-based accounts, as well as IM conversations.
The Trick: When you send e-mails - using either your work or personal e-mail address - you can encrypt them, so that only you and the recipient can read them. In Microsoft Outlook, click on Tools, then Options and choose the Security tab. There, you can enter a password - and nobody can open a note from you without supplying it. (Of course, you'll have to tell people the code beforehand.)
For Web-based personal e-mail, try this trick from Frauenfelder: When checking e-mail, add an "s" to the end of the "http" in front of your e-mail provider's Web address - for instance, https://www.Gmail.com. This throws you into a secure session, so that nobody can track your e-mail. Not all Web services may support this, however.
To encrypt IM conversations, meanwhile, try the IM service Trillian from Cerulean Studios LLC, which lets you connect to AOL Instant Messenger, Yahoo Messenger and others -- and lets you encrypt your IM conversations so that they can't be read.
The Risk: The main reason companies monitor e-mail is to catch employees who are leaking confidential information. By using these tricks, you may set off false alarms and make it harder for the IT crew to manage real threats.
8. How to access your work e-mail remotely when your company won't spring for a Blackberry
The Problem: Anyone without a BlackBerry knows the feeling: There's a lull in the conversation when you're out to dinner or an after-work beer, and everyone reaches for their pocket to grab their BlackBerry, leaving you alone to stir your drink.
The Trick: You, too, can stay up to date on work e-mail, using any number of consumer-oriented hand-held devices. Just set up your work e-mail so that all your e-mails get forwarded to your personal e-mail account.
In Microsoft Outlook, you can do this by right-clicking on any e-mail, choosing Create Rule, and asking that all your e-mail be forwarded to another address. Then, set up your hand-held to receive your personal e-mail, by following instructions from the service provider for your hand-held. (That's the company that sends you your bill.)
9. How to access your personal e-mail on your BlackBerry
The Problem: If you do have a BlackBerry, you've probably got a different problem: You want to get your personal e-mail just as easily as work e-mail.
The Trick: Look at the Settings area of your personal e-mail account, and make sure you've enabled POP -- Post Office Protocol -- a method used to retrieve e-mail from elsewhere. Then log in to the Web site for your BlackBerry service provider. Click on the Profile button, look for the e-mail Accounts section and click on Other e-mail Accounts. Then click Add Account and enter the information for your Web-based e-mail account. Now your personal e-mails will pop up on the same screen as your company e-mail.
The Risk: Your company probably uses a whole bunch of security technology to keep viruses and spies out of your files. When you receive personal e-mail on your BlackBerry, it's coming to you without passing through your company's firewall. That means viruses or spyware could sneak onto your BlackBerry via a personal e-mail, says Mr. Schmugar of McAfee. Worse yet, he says, when you plug your BlackBerry into your work computer, there's a chance that the malicious software could jump onto your hard drive.
How to Stay Safe: Cross your fingers and hope that your personal e-mail provider is doing a decent job weeding out viruses, spyware and other intruders. (Chances are, it is.)
10. How to look like you're working
The Problem: You're doing some vital Web surfing and your boss turns the corner. What do you do?
The Trick: Hit Alt-Tab to quickly minimize one window (say, the one where you're browsing ESPN.com) and maximize another (like that presentation that's due today).
The Risk: The good news is that there are no known security risks.
How to Stay Safe: Get back to work.