Never, EVER, do anything that might create personal legal liability for yourself on behalf of your org.
No matter what anyone says, you are not "family." You are not "in this together." And most importantly they do NOT "have your back."
@malwarejake If your employer ever even hints at asking you to do something illegal your next step should be to find another job. Even if you answer "no" working there is unlikely to work out well in the long run
@ithoughtisawa2 @malwarejake There are many things you can be asked to do which could create personal liability that are not illegal.
@malwarejake When I worked in a home mortgage call center for a certain "Well" known bank, they made you sign a document stating you agree to pay up to $4,000* towards any legal dispute between the customer and them that involved your call.
Just working there in customer service put a personal legal liability on you. I'm not talking about being a certified broker agent. It was regular customer service for home mortgages.
*I can't remember the exact amount, but it was several thousand dollars, which was significant when you only made $16/hr!
@malwarejake can you provide an example of something that could create liability?
@lnogue Sure - when someone says "it's okay, just say we have a vulnerability management program on the insurance underwriting form. We did a vuln scan in 2022, so it's cool."
@malwarejake and remember: should an attorney ever be involved, ask if they are advising you as your attorney.
@dank I would *not* trust a company-provided attorney to have *your personal* best interests at the forefront.
If an attorney becomes involved, then get your own. Yes, I know they are generally expensive. Yes, I'm sure your employer will tell you it's unnecessary. But simply the fact that an attorney *is* involved with something you're asked to do at work should tell you plenty.
@catsalad @malwarejake that “well” known bank is a known pos so that almost doesn’t surprise me. What a huge yikes