Using a Personal Laptop on my work office's network...

[dankduke]

I havent been using yet because I'm not sure of the privacy and security so I want to check with my fellow experts.

Here's my setup

1) I'm running Windows 8.1 Pro WMC

2) I have two User Accounts setup

1) For personal use (which has a password to log into my account.

2) For my work office files, folders documents etc. (I wanted to separate them from my personal so i created two accounts).

Here's my question...

When I am at my office and I plug into their network, for Internet access and to use my Work Account on Windows 8.1 does this network have the ability to see whats on the computer. (like under C:\USERS\My Personal Account) I can see the folders that I would NOT want my work to view and I clicked it but it does say you dont currently have permission to view this folder). However my picutres folder was accessible just fine....

Essentially I want everything thats on my PERSONAL account protected from having no chance of being viewed, whetehr that be encrypted or some form of password protection so they cant see anything on my machine.

Is this possible? Do i actually need another PC? If this requires the purchase of somethign thats fine too just LMK.

Seriously appreciate the help I just want to protect myself.

[TAZMINATOR]

its crazy i ask a simple question if this is possible and what method you would do to protect yourself. i havent violated anything in the company policy. i printed the corporate handbook and acceptable use guidelines and nothign im doing is violating it. my boss said go for it, if it helps you. i just dont want some dick to spy on me if he can....instead everyone is discussing ethics...this is not an ethical or violation issue...just a novice trying to learn PC security.

 

I understand that you don't want anyone to spy on you if you connect to coporate network...

 

As others said, it's not gonna happen... they can scan and do whatever they want...  

 

For example, if you connect your PC to their network, one of the admins/tech will notice unknown device pop up in their network list that they have not heard of... they could scan or block it without you knowing.

 

If you really want to connect your PC to their network, go for it and see for yourself. 

 

Don't come here and blame us for this.

[sc302]

Simple questions, is your computer a windows professional computer (win7 pro, win 8 pro) and are you on the corporate domain?  If you are not on a corporate domain, you are safe as long as no one has your admin passwords, if your computer was setup to be on the corporate domain then they have access to all of your profiles if they so choose. 

[Skiver]

Is the company you work for aware of you doing this? They may have their own concerns that your personal laptop is not secured to their standards and your laptop poses a risk to their security?

 

Most companies I have ever worked for have a separate "guest" network for such things that can't access much more than the internet.

[#Michael]

I havent been using yet because I'm not sure of the privacy and security so I want to check with my fellow experts.

Here's my setup

1) I'm running Windows 8.1 Pro WMC

2) I have two User Accounts setup

1) For personal use (which has a password to log into my account.

2) For my work office files, folders documents etc. (I wanted to separate them from my personal so i created two accounts).

Here's my question...

When I am at my office and I plug into their network, for Internet access and to use my Work Account on Windows 8.1 does this network have the ability to see whats on the computer. (like under C:\USERS\My Personal Account) I can see the folders that I would NOT want my work to view and I clicked it but it does say you dont currently have permission to view this folder). However my picutres folder was accessible just fine....

Essentially I want everything thats on my PERSONAL account protected from having no chance of being viewed, whetehr that be encrypted or some form of password protection so they cant see anything on my machine.

Is this possible? Do i actually need another PC? If this requires the purchase of somethign thats fine too just LMK.

Seriously appreciate the help I just want to protect myself.

 

Question...what is the acceptable use policy for your company?  Do they allow for personal equipment to be connected to the company network?  If the answer is no than you are violating company policy and are subject to security policies are in place.  Best bet is to talk with your company's IT and see what they say.  My company's AUP/CISP clearly states that no personal devices (i.e laptop/mobile device/usb drive) can touch the corporate network unless it has been registered with IT.  If it has been discovered that we have violated that then it is grounds for termination.

[dankduke]

they do allow...

 

My computer is a Windows 8.1 Pro w/ WMC

 

I am on a corporate domain.  No one has my password to the Windows 8.1 login.  But can they scan the software on the computer, see the files etc?

 

They said we could use a personal computer on the network for Google Chrome, Windows apps and the like  i just dont want anyone to have access to scan my laptop or view my files.

[Draconian Guppy]

Unless the use some sort of packet sniffer don't think so.

[sc302]

Yes they can. all they need is your computer name. I scan my network all the time without the users knowledge or consent. I can even remote into their computers without their knowledge or consent. I don't need a sniffer to do so. For the record, a packet sniffer wouldn't give you that access anyway (access to files, software loaded, or remote access) you should really be using their computers not yours. They could be held liable for any software that suits on your computer.

[dankduke]

Yes they can. all they need is your computer name. I scan my network all the time without the users knowledge or consent. I can even remote into their computers without their knowledge or consent. I don't need a sniffer to do so. For the record, a packet sniffer wouldn't give you that access anyway (access to files, software loaded, or remote access) you should really be using their computers not yours. They could be held liable for any software that suits on your computer.

 

out of curiousity how can I protect my privacy.  I feel as if I am using a computer I spent money on to use to perform better at work because the computer i am supplied with is a complete LAG.

Im not doing anything wrong just using the far superior machine to do my daily work.  

 

I just want to protect my privacy and not have my files snooped on as I am not doing that.

 

Thanks for the honest replies

[sc302]

Simple answer, don't put it on the work network. More difficult answer, don't bring it to work.

I can't tell you what to do to get a new computer for your self at work, complain to your manager would be the first place. Say things like you can't be productive with the computer you were given and that you aren't bringing in your tools to do your job when your job should be providing the proper tools for you to work efficiently.

[goretsky]

Hello,

 

Why not ask them to upgrade your existing computer so that it works faster for the tasks you need to do?  If the few hundred dollars spent upgrading your system are offset by thousands of dollars in additional productivity I can't see it being an issue for your employer.

 

Regards,

 

Aryeh Goretsky

[#Michael]

out of curiousity how can I protect my privacy.  I feel as if I am using a computer I spent money on to use to perform better at work because the computer i am supplied with is a complete LAG.

Im not doing anything wrong just using the far superior machine to do my daily work.  

 

I just want to protect my privacy and not have my files snooped on as I am not doing that.

 

Thanks for the honest replies

 

They have every right to scan computers that are attached to the corporate network.  It's to protect against malware, viruses, etc...  It's also to monitor network traffic.  Plan and simple...don't use a personal computer on a corporate network.  Either use the computer supplied to you and deal with it or submit a request through the proper channels for a new machine.

[Obry]

Like others said if you're part of their domain they can have full control of your computer even to the point that you can't get into it anymore if they wanted to (not that I can think of any possible reason any IT admin would do such a thing but just saying that it is possible). If you are worried about them getting to your personal stuff then don't use your personal computer. No way to protect your privacy in a corporate domain - they are in control, not you.

[sc302]

They have every right to scan computers that are attached to the corporate network. It's to protect against malware, viruses, etc... It's also to monitor network traffic. Plan and simple...don't use a personal computer on a corporate network. Either use the computer supplied to you and deal with it or submit a request through the proper channels for a new machine.

Unfortunately it goes further than that. They are responsible for all software on their network. While it isn't very common to get software audited, it does happen. For every system that the company does not have a license for they have to pay x. I worked for a company that was audited and a friends company got audited. The first company was fined about 2 million, the second company was fined about 100,000... Even if your system is licensed for your use, it isn't licensed for the company's use.

Also active directory defines rights to your computer, you can't stop the propagation of GPO as the end user, it has the final say of what happens and who has rights to your computer.

[HeartsOfWar]

I don't want to be a fear mongerer, but it's highly likely, if you read the fine print of the IT contract for accessing your corporate network, there will be a clause that states any connected device, incoming, and outgoing data is subject to monitoring, cloning, seizure, or other 'control' actions; furthermore, it'll likely state somewhere that by placing the device on the network, you not only are giving permission to such actions, but are also giving permission to be held liable to whatever is on, transmitted, or received by the device. In short, connecting any personal device to a corporate network is a very fast and efficient way to basically void any rights of privacy while it's connected and even sometimes when it's not.

 

As to your question, most companies that protect themselves with clauses to the effect above also have methods of accessing the data without your account. Some of those methods require third part software, but a very easy method is a Windows domain admin can force ownership to all files of a particular account, effectively bypassing any user permissions.

 

In short, what you're proposing is not an acceptable means of protecting your 'personal' data / actions. It would be best to get permission to upgrade the work laptop.

[TAZMINATOR]

If you are that worry or need to use the personal stuff, then you take a LTE based tablet (such as iPad Air) to your work and you are able to view the internet without being connected to the coporate network.

 

Turn wireless off on the tablet. That's simple.

[#Michael]

Unfortunately it goes further than that. They are responsible for all software on their network. While it isn't very common to get software audited, it does happen. For every system that the company does not have a license for they have to pay x. I worked for a company that was audited and a friends company got audited. The first company was fined about 2 million, the second company was fined about 100,000... Even if your system is licensed for your use, it isn't licensed for the company's use.

Also active directory defines rights to your computer, you can't stop the propagation of GPO as the end user, it has the final say of what happens and who has rights to your computer.

 

I understand all of that...I was just trying to keep it simple.

[dankduke]

its crazy i ask a simple question if this is possible and what method you would do to protect yourself.

i havent violated anything in the company policy. i printed the corporate handbook and acceptable use guidelines and nothign im doing is violating it. my boss said go for it, if it helps you.

i just dont want some dick to spy on me if he can....instead everyone is discussing ethics...this is not an ethical or violation issue...just a novice trying to learn PC security.

[Skiver]

I think the point here is that people are trying to stress that if you are concerned about the security of your personal "stuff" then don't attach it to a corporate domain. As many of said, companies need to protect their systems and therefore they will do scans of devices attached to the network. 

 

We aren't trying to offend you in anyway, just explain why what you're asking for just isn't going to happen.