So I just got a job working remotely and they want me to use a program on my computer to log into another PC. I have some concerns about that program being able to look around my PC so I’m going to buy a second SSD and dual boot windows from it in my machine.
Still have to figure out a few things like limiting that windows install’s access to the other drives but it should be straight forward. If any one has any experience with this I’d love some advice or tips on things I should look out for.
I would also look into using vlans with good rules. I have a work laptop I use at home and it’s loaded with security agents that I do not want scanning my LAN for shares, devices etc. so I made a vlan for work and rules in pfsense only letting that vlan have traffic with the wan.
A virtual machine is a great idea although I’ve never set up one before, any recommendations on software for windows? If you know a good video guide that would be awesome too :).
If it’s your computer, politely tell them no. Let them know you’ll install anything they want you to install so long as they provide the device. No reputable company will take issues with that. 100% of them have provided a company device or offered a stipend to buy a device that would be the company’s property.
If it’s their computer, don’t put your personal files on it. Privacy isn’t the only issue here; if it’s their device any work you do using it is done using their resources and they can claim ownership of it.
If it’s a remote desktop session that can work on Linux I’d even suggest scooping up a Pi 4 and use that as a thin client to access your remote station. It’s plenty enough to do such things and it’s a completly separated machine from your personal one and it’s reusable for lots of stuff in the future.
I agree with all the comments regarding VLANs and trying to isolate as much as possible the remote connection from the rest of the devices in your network.
If you need Windows I’d suggest using VMware Player. It’s reliable, free and has built in seamless mode between host and VM if they both run Windows.
A company I used to work for was asking only the WFH employees to install just OpenVPN and a sip phone (both FOSS) on their devices. I think that was reasonable, aside from requiring them to run Windows (there was 1 or 2 with macOS that we managed to work with, but it wasn’t easy). Very few needed office, so they used RDP to connect to a WinServer 2016 with office and another proprietary software running on it.
On Windows, if I must run a VM, first choice would be HyperV, followed by VirtualBox. Not a fan of VMWare Player / Workstation.