I try to not mix work and personal content on the same laptop, I’ve seen too many glitches (although usually not quite that embarrassing). Slack has been my one exception (although only on my phone). Thanks for the valuable reminder.
> I try to not mix work and personal content on the same laptop
It's kind of jaw dropping to me at how this is still not the norm and how people gratuitously mix personal and work content on the same devices, both mobile and desktop.
Purchasing, carrying, and maintaining two devices is expensive, heavy, and tedious. Easy always beats safe. Not to mention that there may be significant overlap between work and play for some people. I code Magento (PHP) during the day and contribute to open source PHP efforts as a hobby. In which environment (work or personal) should my notes and bookmarks be?
When I have a company issued laptop I use two machines. When I don't, then I use two accounts on the same machine. Most Linux distros even allow fast account switching in different virtual consoles. I use a different background and panel color for the personal and work environments. It's not a perfect solution, but neither is separate devices.
My work and hobby life is completely entwined. I have one powerful machine and micromanage my time by switching between windows of work and leisure.
Add the fact that I do coding as work and video editing as a hobby which both need powerful machines, and it would be very stupid, unmanageable, and inconvenient to buy two MacBooks.
I remember when I worked at an Alphabet company and they offered the option of using your personal phone to sign in to work stuff. (It wasn't Slack, it was one of the seventeen different chat systems they had going at the time.)
There was a teensy-weensy little caveat: Google IT could wipe your personal device at any time!
That's... odd. Was this a long time ago? Because these days Android has work profiles that specifically exist to let you shove work stuff in its own separate space that can be managed separately from the rest of the device, and Google itself not using the feature that they built into the OS to support that exact situation would seem really weird.
Google does use Android work profiles - if you have an Android device. Unfortunately, iOS doesn't really have an equivalent concept (e: see comment below), so device-wide privileges are necessary there.
Everyone has their own level of comfort, of course. I've worked for two employers now whom I've given the power to erase my personal iPhone in exchange for the convenience of not needing to lug around a second phone.
Disclosure: I work at Google; opinions are my own.
Oh, thanks for the link. Looks like I'm out of date. Seems to be a relatively newish feature (~2020), but on the surface that does seem ideal. I haven't dug into the specifics, so I'm not sure if there's a gap preventing its use or if it's just a matter of priorities.
Yeah, it was a while ago, and it's possible that I could be remembering some details wrong. It just struck me as "no, I would rather carry a separate work phone if I have to."
That’s a widespread problem. I worked for a dramatically smaller IT firm and it also gave employees the opportunity to register their phones with the company’s Exchange service; when I asked my boss whether we should warn them about the power that gave us, he felt it would just cause unnecessary alarm.
well, probably, but maybe it meant that while it gave the power to do this he would never do it. However one should never say never in business, so maybe naive.
Umm, I remember a time when Personal Computers were seen as universal, do-it-all devices. And there was this expectation, you know, that your FOSS-OS will put all your security and privacy choices into your hand. That was roughly before folks took the red pill and went all-in on intransparent browser apps and would program their change-the-world app for themselves, to be released when ready. Unlike today where they flaunt non-novel, insignificant, uninspired crap on github.
I put a prepaid sim card in my old phone and use it exclusively for work 2fa. Now I can turn off that phone at my convenience and when this gig is over I can just switch to a new sim.
How so? Hopping around in your home network should not be possible by default and would be a gross overreach by any IT department, even beyond “you put data on this device and therefore we will search the entire thing”.
Indeed, my work laptop is heavily firewalled, always assumes to be on an unsafe network, and uses a vpn and zscaler. Say you are on an airport wifi - I wouldn't expect corporate IT to scan the neighboring devices. No way it's going to snoop around on my home network, that would just expose the machine.
Interesting perspective difference; I was referring to protecting the work computer from threats, not the home network from corporate. You must work at happy places…
Apparently you would also be surprised by how common it is to use a home printer, a home wifi access point, etc. and have IoT devices in the network. Corporate firewalls and scanners only protect against unauthorised connections and known threats; zero-day exploits can still be much more effective from a local network.
I have a pretty dim view of endpoint security, seeing it mostly as a thing that works against me rather than for me. I feel that any threat model that includes "zero-day exploits" is almost always poorly formed and sensationalist, rather than grounded in a genuine evaluation of security tradeoffs.
Many people are effectively sheep and will install a company app on their personal phone because "wow it's so convenient everything is all on one device".
That said ... employment is at-will, so there are no real rules here. It's not that different from if you sign up to be an Uber driver you're expected to have a car and a phone that you are willing to use for work, or you can't take the job. Nobody says it has to be the same device as the one you use for your personal email, it's just that you are expected to have a device for the job. So nothing legally prevents them from requiring you to have a device with the company apps on it, in return for you accepting some hopefully big enough salary.
For software engineering, if the salary is on the low end of market I expect work to buy me a work phone, if they require me to install any apps. If salary is on the high end, then I wouldn't fuss about it too much, I could just buy myself a separate personal phone for work with the pile of extra cash, but them buying me one would still be a nice, appreciated gesture.
There is no right, just a personal choice. If you have to lug around the company provided laptop if you want to check your work calendar/email/slack/whatever, you may start to consider using your personal device.
My solution to this is to have two separate accounts on my work laptop.
One for work, the other one for side projects, personal browser, courses, learning, etc.
As long as you're not doing anything illegal and are running on a non Administrator account, I think it is a good compromise vs having to carry a second laptop.
Your company likely has full access to that account and I would generally not recommend using any devices owned by your employer for side projects unless they specifically allow you to in some sort of legal contract that says something along the lines of them not owning everything you do on that account.
No, they don't. At my company we buy our own laptops, and we expense them. There is no VPN and no company owned software installed. And most of what we do is Open Source anyway.
> specifically allow you to in some sort of legal contract that says something along the lines of them not owning everything you do on that account
Not a problem, my side projects are just for learning purposes. They're open source, and most of them end up abandoned. I'm not running a side business on a company laptop, so they can own everything if they want, I'm fine with that.
It's kind of jaw dropping to me at how this is still not the norm and how people gratuitously mix personal and work content on the same devices, both mobile and desktop.