Advice Request A question about using my own laptop for work

[Captain Holly]

Hello MT Forum,

I am starting a new job next week, it is 100% remote, working from home. My new employer does not provide computers or any other hardware. I will have to supply my own computer, monitor, phone headset, mouse and keyboard. I already have what I need, including a 4 year old Lenovo Idea Pad 110 that still works great. I don't use it very often; I use a newer laptop for my daily driver, but I do keep the older one updated and patched, I fire it up and check for updates 2 or 3 times a month. It is on Windows 10 20H2, OS Build 19042.1081. It has 6 GB Ram and a 1 TB hard drive, but not much is on it, it is less than 10% full. I use Windows Security AV with Configure Defender set on High. My default browser is Edge Chromium with Ublock Origin on default settings.

I wonder if it would be a good idea to reset my laptop with a clean reinstall of Windows? I have everything that I wanted to keep from it backed up on flash drives. When I do use that older laptop I use a standard user account 99% of the time and I use an admin account only when needed. I wonder if the laptop might perform better for work or be better able to connect with the new system at work if I reset it and took all of my programs and apps I would not need for work off of it, keeping the laptop as bare bones as possible, with just Edge and whatever apps the job needs but still with a standard user account for daily work use and an admin account that I probably would not use very often.

The main thing I am worried about is when I have my own personal laptop connected to my new employer's system, if the employer ever were to be hit with a data breach or ransom/malware attack on their system and I still had my current personal user accounts on my laptop, I wonder if criminal dirtbags could steal the info on my personal user accounts too, such as my bank or credit card details? I do not store any financial info on that laptop, but I do have my bank and credit card web sites in the Favorites list on Edge. I do not store any financial ID's or passwords on the laptop and I do not use a password manager. I keep all of my login details written in an address book.

I am just trying to be proactive and keep from getting hacked or getting my bank account cleaned out. I have never had to use my own computer for work before. If it really does not matter then I would just leave the two user accounts I have as they are and set up another bare bones standard user account for work only.

Thanks for any insight on this.

C.H.

 

[shmu26]

I do not store any financial info on that laptop, but I do have my bank and credit card web sites in the Favorites list on Edge. I do not store any financial ID's or passwords on the laptop and I do not use a password manager.

Sounds like you are safe. Just having a shortcut to a banking site does not provide meaningful info to criminals. If your sensitive passwords are stored in your browser, then there is room for concern, but you say you don't do that. Just to be safe, check the password list in your browsers and delete as necessary.

Your personal data such as pics and vids and docs could be vulnerable, if you have any of it on that machine. So just give the machine a second examination for sensitive personal data, empty the recycle bin, and you're good, IMO.
If you want to waste time on paranoia, you can, but...

Good luck on the new job!

 

[upnorth]

My new employer does not provide computers or any other hardware. I will have to supply my own computer, monitor, phone headset, mouse and keyboard.

Most employers in my country, always supply the hardware. It's similar working clothes for factory workers or anyone with a " risk " work that must have certain protections, but I know this is different in different countries because of Union agreements etc.

The main thing I am worried about is when I have my own personal laptop connected to my new employer's system, if the employer ever were to be hit with a data breach or ransom/malware attack on their system and I still had my current personal user accounts on my laptop, I wonder if criminal dirtbags could steal the info on my personal user accounts too, such as my bank or credit card details?

Basically speaking, yes you could loose your bank and credit details. Extra so if your employer save those in any system that your unaware of. I seen that specific a bit too many times in articles posted here alone on MT. Local machine/system settings and software with tweaks that supposed to help you against anyone and anything, sadly just won't help when for example your bank itself gets attacked and hit by hackers. You personal can't do much about that specific, but at least you try and ask. In my book that's called vigilant and smart and hungry for correct information, not paranoid.

Your on the right track with using one of your laptop separate for this work. Just try to minimize the amount of personal info that you must use also on that machine. Other then that, I already see you utilize a SUA ( standard user account ) and that works great most of the times. It can be a bit harder with local attacks ( phishing, scam etc ).

 

[shmu26]

Like @upnorth said, if you don't have personal info and sensitive logins on the work machine, there is not much risk.

 

[Aleeyen]

I thing I would like to suggest to you and others also is that if you are going to use your laptop for long period of time then get a good monitor and try to sit at-least 3 feet away from it while working, its good for your eyes in the long run.

 

[ForgottenSeer 85179]

Very solid setup, anyway i would change it a bit:
- upgrade to Windows 21H1
- set UAC to maximum
- do your work on a restricted/ limited Windows account
- use Edge' Application Guard: How to Enable Windows Defender Application Guard for Microsoft Edge
- use Quad9 as DNS

I use Windows Security AV with Configure Defender

I hope you mean Microsoft Defender?

 

[shmu26]

Very solid setup, anyway i would change it a bit:
- upgrade to Windows 21H1
- set UAC to maximum
- do your work on a restricted/ limited Windows account
- use Edge' Application Guard: How to Enable Windows Defender Application Guard for Microsoft Edge
- use Quad9 as DNS


I hope you mean Microsoft Defender?

I assume that OP means he uses MS Defender and manages it by means of Andy Ful's Configure Defender tool.

 

[Captain Holly]

Thanks for all the replies on this. I will see if that laptop is ready for 21H1, and any other updates too before I start using it at work. The last time I checked for updates 21H1 was not available for it yet. I do use Windows Defender and Configuredefender but on my machine it says the name is "Windows Security". I am on W10 Home so I can not use Application Guard.

After reading your advice here I think it will be best to reset that old laptop and clear the hard drive; that way I know I will feel a lot better about the security of using my own computer at work. I will set up a SUA and also an admin account too, but I doubt I will need any admin rights at the job. There is probably not a lot to worry about with using my own laptop at work, but I would much rather be safe than sorry. Companies big and small are getting hacked, exploited and hit with ransomware every day now and I just don't want to be a victim myself. I read MT every day and a few other computer sites too, trying to learn as much as I can about online security.

My new employer has not told me yet which browser or apps I will need, but I think it likely will not matter. If they run it the way I think they will I will sign on the company website and maybe use their VPN and do all of my work through their web site. It's a customer service job answering phone calls so I doubt the requirements on my computer will be all that complicated. I have an orientation next Wednesday where they will give me all the details and get me set up with what I need for the job, then starting on Thursday there will be a couple of weeks of training mode until I get the hang of things.

Thanks.

C.H.