Have been working at a remote company for half a year now, they announced that soon we’ll need to install a corporate VPN in order to access the website which we use for working(can’t go too much into detail, kinda internal info). The problem being, a lot of us are working on our personal laptops and pcs, since it’s a remote job and the company doesn’t have an office here. How safe is it to use a corporate VPN on a personal device like this? Will they be able to access my device activity? It will need to be turned on for the whole duration of a shift. Thanks in advance.
Make them give you a work laptop. And stop working on your personal device.
I never understood why a company would allow employees to use their own computers for work. It is a huge security issue. And just now they are introducing VPN…do you at least have a mandatory antivirus installed. The paid licence, not the free version.
Rule #1 of WFH - Always use a separate device to work from at home. If you are an employee, they should provide you with a laptop. If you are a contractor bringing your own gear, use a separate laptop.
Rule #2 of WFH - When in doubt, refer to Rule #1
You should not be using personal devices for this job
If they don’t provide a work computer, they should at least provide a virtual desktop environment. It’s lazy and a security risk to have company data on a private computer
Use a VM to install the VPN on.
Stop using a personal device for corporate work.
Realistically, they should not even allow a personal device to connect to the VPN, much less to expect it as the norm
Yes , vpn equals more security for the company , you click a malware site , the corporate firewall blocks it. It also logs web traffic.
Don’t use your personal get a vdi or have them supply a workstation. Never let hem install anything on your personal workstation
You should contact your sysadmin,
Personal device+Corporate VPN=You guys are the next cyber incident waiting to happen.
Your security team SUCKS if they’re allowing that PERIOD, FULL STOP.
Depending on the vpn, they will can to everything from just force traffic via their servers to complete control of your machine, including decrypting TLS traffic.
I would never install any corpo software on my own machines. The company have to supply their employees with hardware.
It should be safe to use their VPN on your personal asset. They would be able to see all your internet activity while you are connected to the VPN, because you are technically on their network. This is a technical discussion, not an ethical debate.
While not deal, you have choices. Install the VPN on your current personal device, purchase an inexpensive work only laptop, request a corporate laptop, install a virtual machine, or look for a new job if you don’t want to install anything.
The virtual machine, IMHO, is the best option. It would run a computer on your computer to use for work. When you are done with work, you simply shut the virtual computer down.
The VPN might be the first thing your job wants to install, they may enforce requirements like installing up to date antivirus and software updates to protect their network.
If it’s Cisco AnyConnect, you’re fine. They can’t see your stuff.
This or ask for VDI if they can’t ship/reemburse you a system
instinctive profit zealous innate tart fear rain encourage mourn pot
This post was mass deleted and anonymized with Redact
Might not be that simple if they’re a contractor
Totally a reason BYOD is a topic in the security space. There’s so much to it. I understand the why, but securing it is a large task.
do you at least have a mandatory antivirus installed. The paid licence, not the free version.
Windows defender (free) is almost certainly enough.