Engineering company of around 80k employees here.
I only need to connect to a VPN every Thursday to input my hours, I’ll be back home by then. If I stay off the VPN, will they know? We don’t need to connect to it for our day to day tasks, just to access company related portals.
I took PTO once in 2022 and took and used the laptop with me abroad to watch movies, nobody ever said anything so I could be safe?
If it were me, I’d have VPN in a VM on my home machine (host). I’d remote into that host from wherever I am, then use the VM to connect VPN to do work. Why not connect to the VM directly? Because there’s a chance you’ll kick yourself out as soon as it connects to the VPN with no way to get back in until it disconnects.
This is definitely something I’ve never had to think through. Completely hypothetical/for entertainment purposes only.
They can just look at where you are signing into Office 365 from. If they own the laptop and it’s powered on, they know where it is if they want to. Depends on what tools they use to protect their assets.
People don’t usually check into this kind of stuff unless there’s a reason to.
If you are going to a country with high crime, particularly cyber crime (China, Russia, Brazil, etc), you could expect it to pop an alert just from the laptop connecting to the internet from that location. But again that depends on what type of security tools they are using and how protective they are of their assets. Some companies put little to no protection on their machines, some companies have AI assisted tracking of assets that alerts on any change of location at all.
Free option, make a Tailscale VPN account and enroll your home pc and your travel pc. Then setup an RDP connection to login to your home device. Then do the whole VM. I run each job out of a vm for segmentation.
One of my past jobs we used GeoIP filters so if you traveled to a country we didn’t approve then your connect would be declined. Staff had to send me the public ip of where they were staying to connect or if you were high enough within the company and planning to work from different locations then I would be instructed to unblock the country for the time you plan on working there. Most companies don’t go this far.
For me personally I have a computer at home that I would leave on while I traveled. I would connect to my home computer and then into my work. This way it always looked like I was connecting from home.
Not sure if anyone has said it but unless there is a reason from them to look at your connectivity log then you don’t need to worry about. IT is usually busy with other stuff and doesn’t have the time or want to look through logs unless instructed.
It is possible but unlikely.
If for example your machine is lost or stolen then you will kind of have to tell them that it is lost or stolen. They will with almost 100% certainty ask you to file a police report. If you do not file said report you will probably be fired for cause - so you kind of have to do it.
The police are almost certain to ask you where you were when you last had it. If you file a report with your “home” town police and tell the truth they are probably going to stop the report because they are not going to send an investigator abroad to find your laptop. They are going to tell you to file the report with the “abroad” police.
If you file with your “home” police and lie then you will probably be OK but filing a false police report is a crime and you can go to jail for this. They probably will not investigate this further but do you want the sword of damacles hanging over you?
If you file with your “abroad” police then whether you lie or not just the fact will not especially matter. Your company will be tipped off just by it being an “abroad” police report.
If they have a cybersec team they probably already know. “impossible travel” pops when people get off a plane
VPN to home then run a VM to VPN in anywhere else. or carry a travel router to vpn in and connect to it with wifi.
i do this a lot since im 3-6 months out of country. i carry a router which has openvpn on it and it openvpns to my home vpn. then i connect work laptops etc to the router and vpn like normal to the company.
Grab yourself a firewalla for your home network and you can create a vpn server to your home using wireguard. Then grab a travel router that is configured to connect wireguard to your home vpn and you’ll appear as if you are home from anywhere in the world. Additionally I’d remove wifi/Bluetooth card from the laptop and hardwire the Ethernet from router to laptop to avoid any logging of nearby foreign WiFi’s that may indicate you are out of the country.
I’ve talked with my IT team and they said they don’t care where I’m logging in from as long as I can still use my VPN and satisfy MFA requirements.
You could just ask and the IT team itself will probably not give a shit and its likely your manager would never know.
Personally I take my work laptop every where (not international). They can check, but there are so many connections they do not.
Also if it’s a company laptop, find out if it has geo tracking
i work in cybersecurity. Yes, I can find out- we just get alerts. We def investigate and based on abnormalities, we might contact directly to you or your manager…again depends on the patterns Im observing from your laptop… It depends on company culture too…if its large corporate, they will let it go unless theres malicious pattern.
And yes, whatever you do from your work laptop, folks like us have access. All files, folders, pictures, urls you visit. We care less what you do though - not even for my own entertainment.
VPN and your laptop is separate but in your laptop, an agent is installed which keeps running in the background. So VPN or not, I still can see what you are doing unless agent is not installed then your company is doomed and you can do whatever you want
I have a feeling your computer is gonna not be working on Thursday…lol
I have a router that connects to a VPN at home, and only allows my machines to connect through that tunnel. My computer doesn’t even know where I’m at. I will say, if you have location services enabled, it’s surely there.
I’ve been remote for 4 weeks in Italy with 4Js - brought a Starlink in case of internet issues. It’s business as usual.
Maybe my company isn’t hyper watching this? I did take it abroad to Turkey during my pto and didn’t connect to the VPN, that must’ve given off a signal but nobody noticed or said anything to me. Also, people are often travelling around on business, how do they differentiate who’s away on business out of thousands of people?
Hopefully I can get away with this, but I need to have an inbuilt excuse like a family emergency that required urgent travel. I could also do another test by taking and using the laptop abroad when on PTO, to see if they notice.
Most big companies do this to block embargoed or sanctioned countries
Does anyone man your home router? What happens when you have outages
Can I DM you, you sound like a real expert on this topic and I’m running into a similar situation. Please help, I’m desperate. My new job didn’t know I was working outside of the US and I just found out through my recruiter that it is not allowed. I cannot lose this job, it’s my only source of income at the moment until I find my J2.