this post was submitted on 03 May 2024
30 points (89.5% liked)

cybersecurity

3238 readers
1 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
 

FWIW, this isn't to do with me personally at all, I'm not looking to do anything dodgy here, but this came up as a theoretical question about remote work and geographical security, and I realised I didn't know enough about this (as an infosec noob)

Presuming:

  • an employer provides the employee with their laptop
  • with security software installed that enables snooping and wiping etc and,
  • said employer does not want their employee to work remotely from within some undesirable geographical locations

How hard would it be for the employee to fool their employer and work from an undesirable location?

I personally figured that it's rather plausible. Use a personal VPN configured on a personal router and then manually switch off wifi, bluetooth and automatic time zone detection. I'd presume latency analysis could be used to some extent?? But also figure two VPNs, where the second one is that provided by/for the employer, would disrupt that enough depending on the geographies involved?

What else could be done on the laptop itself? Surreptitiously turn on wiki and scan? Can there be secret GPSs? Genuinely curious!

you are viewing a single comment's thread
view the rest of the comments
[–] CaptPretentious@lemmy.world 2 points 6 months ago (1 children)

If you have a VPN server set up at home, and like a portable router that allows you to establish a VPN connection to your home connection... And then you connect your work machine to your portable router that's connected to your home... Fairly certain you would always look like you're working from home.

[–] blarth@thelemmy.club 2 points 6 months ago* (last edited 6 months ago) (1 children)

I was looking into this for a family member who wants to look like they’re in a location a couple hundred miles away occasionally. I think the only pitfall might be if they are made to use an authenticator that can query their GPS location in order to enact conditional policies that restrict their location.

https://learn.microsoft.com/en-us/entra/identity/conditional-access/location-condition

[–] CaptPretentious@lemmy.world 2 points 6 months ago

Yeah if you have to use the authenticator app and it has GPS you might be hosed.