I have a company provided laptop that uses Pulse Secure to connect to the company VPN. I intend to shut down my personal wifi devices while I connect to work, and I know not to do any internet surfing while on their VPN.
But it’s still going through my own router, so my question is, can they grab my browsing history or any personal information from there? My employer tracks everything we do so I’m concerned about what abilities they have when I make this connection from my home. My tech-savvy is about 4 out of 10.
They’ll only see web traffic when you’re on the VPN. They can’t grab anything outside of that. I’ve worked with Pulse Secure quite a bit on the administrative side, and unless something changed super recently, they’re only going to see what your company issued device does when connected to the VPN: no other devices, no past web traffic, etc.
If you wanna be safe, run a VM with a separate VPN on it. Might be a bit slow but all they can see is your VM making a single repeated request over and over. They can’t see what you do inside your VM.
Why not setup a guest network for your work computer, that way it doesn’t have access to local services, only the web? It’ll keep your personal devices on the main network and only work stuff on the guest network.
Anytime a client gives me a laptop due to the software I use it usually requires local admin access. I import the system as a VM (or I just stand up a VM) and do all of my work for them in that VM.
Honestly, lots of people surf the web while on company time and on company VPN. I honestly don’t care if I’m just reading NYTimes or doing an occasional Facebook browse and still on my company’s VPN. When I’m traveling for work and sitting at my hotel room at the evening, I’m half working and half surfing, so it’s nice to get some emails done while watching some Youtube/listening to music. If you’re going to do anything that you definitely don’t want to do at work (gambling, torrenting, pron, etc.), then get off the VPN.
It really depends on your employer though. If you’re at one of those that make it very clear you are not allowed to do any personal stuff on your work computer, then definitely don’t be on the company VPN. If your employer is generally one of those that only wants you to get your job done, then maybe it’s less of an issue but I’d still never do any NSFW stuff over VPN.
This is correct except for the “company issued device” part.
If this is a company owned device, they will likely be able to see all activity on that device independent of the VPN. Never ever do something personal on a corporate device - no torrents, gambling, porn, limited access to personal services and apps, etc. This should be outlined in company policy.
If it’s a home computer or other BYOD then no they cannot see anything outside of corporate managed apps or VPN tunnel.
Hmmm… this is actually not a terrible suggestion… except that since I normally hard-wire in, I would have to go trace that ethernet run back to my switch, to figure out which port that is (honestly not too hard with the SW GUI page) and set up a VLAN for it… I may end up doing just that!
Totally. I have a personal laptop for the naughty things. My work key captures everything and I don’t even log into my personal email or bank accounts while on a work machine. I was just worried about traffic in my home network outside the work laptop, but it sounds like I’m safe.
If I have a personal computer running whatever I want, and I remote into a workstation with PluseSecure, can they see the traffic from my personal computer?
100%. It would take a lot of investment for a company to snoop your home network or personal devices, not to mention they have no legal right to do so.
Don’t assume they can’t. I would err on the side of caution and drop the VPN session when doing personal things. Most companies use split tunneling, where only corporate traffic hits the VPN and the rest goes out normally, but there’s no guarantee here.