I have 1 laptop, I need to do my personal things there and all my work.
How would you separate it for best possible security and privacy? HyperV or Virtualbox better?
Just sidestepping the whole âwhy are you required to use a personal computer for work?â question (because ideally, you should not be mixing the two full stop), I would have both work and personal in separate VMs, with the host OS just existing to provide a hypervisor.
2 Likes
You shouldnât do any personal activities on work laptop. If your IT dept has more than two brain cells, they will implement lots of monitoring apps.
2 Likes
Its work from home, this job dont give out any computers and I cannot afford two
1 Like
All they use is teams and rest is within web browser (zendesk etc)
Maybe dual boot? It also helps you disconnect from work when you boot to your personal system
1 Like
Different users on Mac just have atmost DAC not MAC.
How come Hyper V / Virtualbox is not good enough?
What if they donât install anything except requiring using a VPN to access sensitive data?
Then whole IT and security teams should be fired.
1 Like
Why?
You are working with sensitive client data, namely customer data. How can you make sure that that data is safe? How can you prevent leaks?
User is the main reason for data exposure and it is the weakest link. That is why there are applications to prevent user to become the weakest link.
There are compliance apps, information security apps, cloud security apps, inventory management apps, EDR, XDR, proxies, and many other apps to prevent data leakage.
So, just installing an AV and VPN wonât cut it.
Alright, thatâs what you think is not professional. Certainly, this is not the best practice, but most measures I know canât truly prevent a malicious employee from stealing data if they want to, especially when working from home.
Only option to steal data is taking pictures via your phone. On device methods can be prevented.
1 Like
then just use a different browser for different activities? thereâs no need to use VMs if everything is on the browser anyway. Even a different browser profile would work.
If you are on a Win laptop, you can use Veracrypt and store all your work files in there. Make a new local user account and put all your personal stuff in a new and separate veracrypt account.
Also dont forget to backup all files.
Hi. Looked at the information that is available about your conditions and equipment at the moment. In order to continue a constructive discussion, it would be right to add to it at this time:
expand
-
What operating system is the laptop running on?
-
What are its technical specifications?
-
Is there an additional monitor?
-
Do you work from home, is that mean you are at home and work most of the time, or are you not in the âofficeâ a lot of moving around and working in essentially different places and mobile?
-
Do you have an additional budget to meet your needs, how flexible is it?
-
What is your level of PC handling and are you willing to learn to solve your problem or do you prefer simple and off-the-shelf solutions?
-
Do you use your home internet and ISP or some other way of accessing the internet?
-
How sensitive is your work to unauthorized access? (what niche is your work in, how confidential is the information, how high are the stakes and the cost of error, what were you told when you were hired about the responsibility for your personal computer on which the work will be done and data stored?)
-
Have you been told that there have been previous incidents of data loss, etc.? (if not, would you be willing to inquire, perhaps being proactive will have a positive impact on your reputation and you will get answers to your concerns).
1 Like
Unless itâs a big company with a top security team and limits internet access, itâs usually feasible to bypass the isolation.
possible =/= feasible, itâs not that hard to lock a machine down enough to need people to take photos if they want to get data out without being a forensics expert lmao
Installing 70 apps doesnât make you more secure.