Can MDM software be used to spy on employee ? (sh.itjust.works)

submitted 6 days ago by BlueMagma@sh.itjust.works to c/cybersecurity@sh.itjust.works

14 comments fedilink hide all child comments

My employer had us install a software called "fleet osquery", they said it's a first step toward inventory management of all the devices for IT. I guess it also adds a layer of safety by making sure nobody installs any dangerous software/malware on their work devices.

Looking at the docs , it looks like this can be used to remotely execute scripts on my laptop, should I be worried about my employer spying on me during work hours ? Or logging information about what I'm doing ?

you are viewing a single comment's thread
view the rest of the comments

[-] BlueMagma@sh.itjust.works 10 points 6 days ago

Work laptop of course, if it was my personal device I wouldn't even care what they say. I think I'm going to isolate my work laptop from my home network now though.

[-] Bob_Robertson_IX@discuss.tchncs.de 15 points 6 days ago

I think I’m going to isolate my work laptop from my home network now though.

This is always a good idea. Your work IT department doesn't trust you, and you shouldn't trust them.

[-] biscuitswalrus@aussie.zone 3 points 6 days ago* (last edited 6 days ago)

Hey I don't know your technical capability, but Steve Gibson pointed out the lowest knowledge way to get an isolated network just by buying two more cheap NAT routers. Your current router stays routing internet, but in LAN1 you plug in one of the new routers, let's call it your home network, and LAN2 of your internet router plug in the other router and call it insecure. Plug in your WiFi access points into home and your devices. Plug in work laptop and other IoT to insecure. Home won't be able to talk to insecure, and insecure can't talk to home. This is all because of NAT. Just make sure the home network range is a different range to the insecure.

Otherwise it's just a vlan on router and switches and access points with no firewall rules that allow INSECURE to HOME.

You might already know all this in which case never mind!

https://www.grc.com/nat/nat.htm

[-] Bob_Robertson_IX@discuss.tchncs.de 1 points 6 days ago

Thanks, I did know that but I'm glad it is here for anyone else who may need to know.

this post was submitted on 29 Oct 2024

24 points (100.0% liked)

Cybersecurity

5619 readers

186 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social