I’ve got a new work laptop from my employer. The old one is not necessary anymore for work related stuff. As I have an ancient personal laptop and a budget is a bit tight currently, I thought to use old work laptop for personal stuff.
I already installed Win10 LTSC and plan to encrypt the complete OS with VeraCrypt and on another partition to add Linux Mint (with LUKS) and dual boot it, but mainly will use Win.
As I can use this old laptop however I want it, I just have to return it once I decide to leave, my question is, how safe is to use it this way? Beside the mentioned complete encryption, my plan is to zero-fill it (or whatever it’s called) before I return it, so I’m not sure would someone be able to recover my data?
As this is a work laptop, head of IT admin department told me they are sending these to be recycled, but they are destroying SSDs. So most likely nobody will try to recover it anyway, but I would like to see, if someone would like to, is there any chance for that?
~~As long as the laptop is no longer managed by the company, and you are not logging back into your company’s AD then it is just another laptop, no special concerns here.
In terms of destroying data before returning, if you FDEed with veracrypt with good password, then i would say even quick format would be enough, no one can crack it anyway, unless you stored national secrets there and want to be 10000% sure, then zero fill it.~~
Edit: Please ignore my text above and note This reply
I highly disagree here and I believe this is very dangerous advice in fact.
Please note your work laptop (the laptop you do work on) is subject to any kind of investigation the company would be placed under. Meaning that it can be seized when the company is any kind of trouble.
Why not just buy an SSD and install it in the Laptop? SSDs are cheap and it alleviates all the concerns you mention. Just keep your SSD when you return the laptop. You could return their SSD immediately for IT to dispose of or re-use.
If your using it for personal use, I would not connect it to your works network anymore or do work stuff on it.
First of all, get a written confirmation from IT that you can use that old laptop as your own. Many companies are selling old laptops to their employees for a very cheap price.
After getting confirmation, ask IT team to release the laptop. It is most likely enrolled in a MDM program, like Intune and even if you change disks, laptop will try to register itself to company portal.
Another point. It is a company property, not yours, unless otherwise is communicated to you in written form. Whatever you do to modify the system, will be illegal.