Hello, Crown Clients and Friends!
It's important to remember that your work computer is for work. You're responsible for both the physical device and the information contained within.
Someone with access to your computer can have a remarkably easy time viewing the passwords stored in your browser. Some browsers don't require user confirmation before viewing stored passwords, and some don't even save the passwords in an encrypted file. And the attack doesn't have to be on your local machine. Because these browsers also offer synchronization services, someone who cracks your browser account password can synchronize your passwords, downloading them to their browser anywhere in the world. Best practice is to not sign into your personal google account from a work computer.
Many free games are supported by revenue generated by in-app ads. In-game purchases support others. Still others are a delivery service for malware. By installing the game, you're granting the software a level of access to your system. In addition, games with an online component generate network activity that can provide cover for sending sensitive information back to the 'game server.'
Facebook, Twitter, LinkedIn, and especially TikTok apps aren't profitable by being social media. No one ever made a dime off pictures of lunch. Instead, these apps were designed to collect every scrap of data about your habits as they can, so they can turn around and sell that data to advertisers. Maybe you don't care about that. But if you're using a work device, then you're also sharing information about your employer. And the channels of communication opened by these apps can be exploited by bad actors deliberately targeting your devices. If you're going to use one of these services, access them through their website.
-Sean Goss and The Crown Team