[smt88]

Yes, it's common. It's more common at more mature companies handling very sensitive data.

Considering the power of laptops these days, I don't understand what you're losing in usability.

Either way, it's a good policy, and your users are better off for it.

[xcq1]

I don't question the security benefit. I think you're absolutely right that the users always come first. The production system and its data was never running inside the company network and is protected additionally.

I feel it'll be a loss of usability since they want to have a one-size-fits-all laptop. The model I've seen is noisy and a bit heavy. Suddenly having to carry one every single day irks me a bit. Having to (un)plug monitors and periphery at home is going to be additional effort (but explicitly allowed). Not saying it's not worth it (and somewhat complaining on a high level), but it is a loss of comfort.

[smt88]

A few suggestions that might help:

1) Get docks for home and work, so it's just one step to connect peripherals. It's actually a lot more convenient than having separate machines for work and home.

2) Find out if you can use a virtual desktop setup, where everything is running on your work machine, but you can use RDP to control it. A competent IT dept should be able to set that up in a way that's not less secure.

3) If you're in the US, your company can't force you to carry a heavy laptop if you have any issues with strength or mobility. If you want to exploit this, you can ask your doctor for a note saying that you shouldn't carry a laptop to/from work. This is actually probably true for the many people who have issues with back pain.

[xcq1]

1) Thanks, docks at work are provided, but I'll check whether they will also provide one for working at home.

2) This is more or less the way it's already done. The plan now is to replace every desktop PC with only one laptop per employee company-wide. Which is why I was asking if this is such a common practice, especially since the company tries hard to come off as modern and hip in other regards.

3) Very good point, I'll look into that. I'm not in the US, but similar regulations probably apply here.

[smt88]

For the RDP solution, can't you just log in from a home computer?

To be clear, I'm not just talking about logging into a VPN. I'm talking about streaming the display output from a work machine. No programs or data from your work machine would be running at home.

[xcq1]

Yes, that is precisely what I do right now. But I need to log into the VPN since the RDP server is only available inside the company network and not in the public internet. Unless you're talking about in my home wifi to avoid the dock.