I imagine the common answer is a physical “work-provided” laptop but I’m curious, does anyone run VMs or another solution?
Edit: what I’m interested in trying is finding a good way to run a macOS VM on an Apple Silicon Mac that doesn’t suffer much performance hit. Open to suggestions, thanks
1. If your company is sued, and your work is involved in the lawsuit, they can take your laptop for an indeterminate amount of time, and everything on your laptop can be included in evidence.
2. Depending on the country you live in (and this is most countries), you may have no expectation of privacy on the laptop used for work. The software they're installing may (and probably does) have full privileges, and can remotely access your data and running apps.
3. Depending on the country you live in (and this is most countries), any work you do on that laptop may belong to your company, even if done outside of working hours, because your laptop is being used as a work laptop.
4. You don't want to be the weak link in your company's security. Work laptops tend to be more locked down, have fewer, more thoroughly vetted applications, and your company is ideally also ensuring the applications (and OS) you're running are patched. If you're owned through a non-work related application, and that is used to escalate privileges into the company, who's liable here? You never want that to be a question.
5. Companies tend to disallow employees from bringing company devices into certain countries. This would also mean you can't bring your own laptop to those countries either.
6. What happens to the company data when you stop working for them? Will they remote wipe your laptop?
If you want to know why, check the paperwork you had to sign for the job. I can 100% guarantee that you will find some legalese on IT, security and liability somewhere. In other words: If something goes terribly wrong you could be fired on the spot.
While there has not been much "gross software" to maintain locally, I am in the business of testing untrusted code. At first, VM environments were provided to accommodate this. That became increasingly impractical and inaccessible.
In each of the OSes I've used, I've created a separate user account exclusively for work. I used to log into Slack on my personal account, so I could watch it 24/7; that's no longer necessary, and so work and personal are partitioned chiefly by the user account I'm logged into.
The Chromebook is my newest system and provides the best isolation. Untrusted Linux code can be tested in the VM provided, because what else will I do in there?
I currently have two pain points in ChromeOS: no way to test Windows PowerShell, and my password manager's database is read-only, but the latter is a personal choice of software. It's nothing that will get support from my employer or a fix from Google.
I don't know what you consider gross, but I'm sorry that work is like that sometimes.
I'm not sure how to accomplish this on Macs with the arm chips now though.
Why would I? Those are my machines, and don't have anything to do with my employer or the work I do for them.
> I imagine the common answer is a physical “work-provided” laptop but I’m curious, does anyone run VMs or another solution?
At a couple places, I've had a Windows partition set up for AD password changes/whatever else I ended up needing a Windows machine for, but did most of my work in the Linux install I put in a second partition. I've also just booted a Linux environment in VMWare Workstation.