If you are working from home the first assumption you must make is that the employer laptop is being monitored. Maybe not every single keystroke but all the websites you visit will be tracked. So in my home office I have two computers - the one my employer gave me and my personal computer.
The one my employer gave me is only used for work - nothing else. I don't check personal email on it. I don't do any banking or bill pay. I don't use it to visit any news sites or Slashdot or YouTube or any other website I
Isolate that work laptop from your home network in some way shape or form; that way they can't snoop your personal network.
I also advocate avoiding Wi-Fi usage at home. Only used wired networking for your home network. Ok, if you rent a place that could be impossible, but if you own your place (and I don't mean "condo own"), then install the cabling and a proper firewall (not one of those tosser junk boxes you can get for pennies. A wire inside your own house and walls is a bit harder to snoop (or hack) than Wi-Fi. Then that work laptop can go on it's own VLAN and that "work" VLAN can be "firewalled" (block all communication) from the house network if you have a proper commercial firewall, or know how to use Linux or FreeBSD at an advanced level.
In my case I knew my employer had snooping software on the laptop and I knew they could snoop the laptop hard drive. I played it safe and assumed they could snoop the network connections to that laptop, so I made my home network as secure as possible before I every attached my work laptop to it.
And that work laptop...if you can't isolate it from your home wired or Wi-Fi network, then use a company VPN over 4G/5G or someone else's "free" Wi-Fi. Make sure the company pay for that 4G/5G wireless plan. You are already paying the electric rates to run that laptop at home, so why give away your Wi-Fi and home bandwidth (which could be metered in some places, and yes that is "still a thing") when your employer won't help pay those rates?
And I like the idea of fully powering down the work laptop and disconnecting it in every way possible. The paranoid could even toss all that kit in a cupboard when it's not needed.
Finally...NEVER DO COMPANY WORK ON YOUR PERSONAL HARDWARE because it blurs the lines (in the USA at least) as to who owns what when complaints are taken to a Court of Law. If you are a contractor, use a computer dedicated to your contract work. Always keep "personal" separated from "work" since the legal definitions of "intellectual property ownership" keep getting more and more sketchy every day, and especially with more and more folk working from home.
If your employer will let you work from home but won't pony up for a work laptop and bandwidth costs so you can work from home, then tell them to POUND SAND and start quietly looking for work elsewhere. Right now, if you are good at what you do you should be able to strike a good deal with a new employer.
I like the idea of separating both computers on the home network. Currently both of them are hard wired and both use a VPN. Different brands of VPN. I disable wireless on both machines. So i haven't figured out how to separate them at the router level yet but having the two VPN tunnels effectively accomplishes the same thing - I think. Please correct me if I'm wrong.
Scientists are people who build the Brooklyn Bridge and then buy it.
-- William Buckley
My WFH setup (Score:3)
If you are working from home the first assumption you must make is that the employer laptop is being monitored. Maybe not every single keystroke but all the websites you visit will be tracked. So in my home office I have two computers - the one my employer gave me and my personal computer.
The one my employer gave me is only used for work - nothing else. I don't check personal email on it. I don't do any banking or bill pay. I don't use it to visit any news sites or Slashdot or YouTube or any other website I
Re:My WFH setup (Score:1)
Take your security 1 step farther.
Isolate that work laptop from your home network in some way shape or form; that way they can't snoop your personal network.
I also advocate avoiding Wi-Fi usage at home. Only used wired networking for your home network. Ok, if you rent a place that could be impossible, but if you own your place (and I don't mean "condo own"), then install the cabling and a proper firewall (not one of those tosser junk boxes you can get for pennies. A wire inside your own house and walls is a bit harder to snoop (or hack) than Wi-Fi. Then that work laptop can go on it's own VLAN and that "work" VLAN can be "firewalled" (block all communication) from the house network if you have a proper commercial firewall, or know how to use Linux or FreeBSD at an advanced level.
In my case I knew my employer had snooping software on the laptop and I knew they could snoop the laptop hard drive. I played it safe and assumed they could snoop the network connections to that laptop, so I made my home network as secure as possible before I every attached my work laptop to it.
And that work laptop...if you can't isolate it from your home wired or Wi-Fi network, then use a company VPN over 4G/5G or someone else's "free" Wi-Fi. Make sure the company pay for that 4G/5G wireless plan. You are already paying the electric rates to run that laptop at home, so why give away your Wi-Fi and home bandwidth (which could be metered in some places, and yes that is "still a thing") when your employer won't help pay those rates?
And I like the idea of fully powering down the work laptop and disconnecting it in every way possible. The paranoid could even toss all that kit in a cupboard when it's not needed.
Finally...NEVER DO COMPANY WORK ON YOUR PERSONAL HARDWARE because it blurs the lines (in the USA at least) as to who owns what when complaints are taken to a Court of Law. If you are a contractor, use a computer dedicated to your contract work. Always keep "personal" separated from "work" since the legal definitions of "intellectual property ownership" keep getting more and more sketchy every day, and especially with more and more folk working from home.
If your employer will let you work from home but won't pony up for a work laptop and bandwidth costs so you can work from home, then tell them to POUND SAND and start quietly looking for work elsewhere. Right now, if you are good at what you do you should be able to strike a good deal with a new employer.
Re: (Score:2)
My work laptop has its own internet connection. It pretty much has to, corporate requirement.
Hey, as long as they pay for it, they can have it...
Re: (Score:2)
I like the idea of separating both computers on the home network. Currently both of them are hard wired and both use a VPN. Different brands of VPN. I disable wireless on both machines. So i haven't figured out how to separate them at the router level yet but having the two VPN tunnels effectively accomplishes the same thing - I think. Please correct me if I'm wrong.