If I’m using a personal device and connecting to my company’s wifi using a third-party VPN like Mullvad, how effective is it in preventing my employer from seeing my internet activity?
Like any other VPN, your employer can see that you’re connected to the VPN server IP address and that there’s traffic exchange happening between you and the VPN IP.
That’s about it.
Yeah just make sure the DNS isn’t one the company uses
Very effective so long as your connection doesn’t drop.
in theory, if youre vpn your employer is not able to see your network traffic, add https, and also kill switch
On your own hardware, all they can see is that you’re using a vpn, and how much data up/down is going through it. For any positions that have access to sensitive data, if they can tie this traffic to you, even if the data is benign, this is generally a fire-able offense. I’ve seen accountants start sending files to their home pc via vpn, and they’ve been escorted out of the building by armed guards before they can even make it to the elevator. Also, if you’re on a company provided machine, you can bet they can see everything from the traffic you’re sending, to screenshots of your screen at all times. Company laptops can even scan your home network if you bring them home. So be careful. And good luck.
When looking at DNS logs as s a cybersecurity dude
I would only see traffic all day going to surf shark
Or whatever VPN your using
Will just see a shit load of that lol
Make sure your Killswitch or whatever is on so when VPN drops
It doesn’t use anything else.
I’m referring to your mobile devices btw.
Company owned assets we don’t want any of that. We (security) need to analyze all DNS traffic to see what’s going on and who to block.
Thanks, everyone, for the responses.
That’s exactly what a VPN is for.
He will see nothing. If you are working on my company, dont try it… i will find you and do horrible things to you or you pc.
Jokes aside:
If you like your Job, dont use VPN at work. edit: this kind of vpn
If your device is joined to a domain, and say you’re using Microsoft Defender for endpoint it doesn’t matter if you’re running through a VPN or not.
Say you’ve logged into Teams/Outlook once and you accepted the terms. Boom. They can see everything until the device gets offboarded. If it’s a clean device, they can’t see much.
Sure, the admins can’t sniff network traffic and see what you’re up to since it’s encrypted, but if your device has a sensor that reports back they can see what you’re up to anyway.
Even though you submit DNS requests directly to the VPN they’re stored locally on your computer. And guess what’s getting reported back through the sensor?
Unless your employers IT-department are incompetent they can see every little thing you do, down to what you type if you’ve ever logged into any company resources from the device, even if it’s a personal device.
What I find interesting, is that he is able to even use a VPN. A lot of company’s have adopted VPNs themselves meaning the only way to connect to the work environment is by VPN. Which means you can’t use two VPNs. Even with a hotspot you usually have a company portal that creates a secure connection to the company assets. Meaning there is no way to hide any traffic because the only way to access the internet is through the portal/VPN. All traffic is router to them. Browsing etc etc.
Fyi… I work for a .gov, we decrypt all traffic .
disgusting wise illegal foolish vase crowd rotten shocking racial rock
This post was mass deleted and anonymized with Redact
quicksand special clumsy offend recognise follow lock entertain badge marble
This post was mass deleted and anonymized with Redact