Isolating Personal And Business Work Flows
I need remote access to work related computers. My primary focus is protecting business systems and data should I lose control of my personal computers.
I want to ensure anybody gaining access to my personal computers does not have access to work computers.
The discussion starts from the reasonable presumption that the business computers themselves are protected against intrusion.
To access business computers we use SSH key pairs. We do not use SSH passwords. I use a pass phrase to protect my private keys. On some systems we use fail2ban to reduce brute-force dictionary attacks, but recently shifted to allowing SSH access only from within the company subnets. Other direct access is through plain old passwords.
One option to isolate business and personal usage is a computer dedicated to business access. Neither I nor the business owner can afford that, and it is impractical anyway because I do not want to carry two laptops with me.
From home I access the business computers with a stationary office desktop and a laptop. The mobile laptop extends the range outside the home. I store my private SSH keys on these two systems.
Currently I am the only user of both personal systems. In that sense I have some nominal isolation.
Being mobile, the laptop poses the more serious risk of a security breach.
I use Linux systems. I live in a small rural town where 99% of the people who use computers are unfamiliar with Linux. They will have no clue how to use my computers. Anybody booting my laptop will be greeted with GRUB, which is the first layer of confusion for anybody finding my laptop. They will not know what to do with the boot options.
After letting GRUB boot they will be greeted by a console login rather than a graphical login manager. More confusion.
I do not use my given name with any login account. Even if such a person knows I am the owner of the computer, they will be unable to guess my login account name. At that point somebody trying to access the laptop, or return it to me, is stumped. I added a snippet to the console login prompt with an email and phone contact. Living in a small rural town means many people will try to return the laptop to me.
So far so good. People accessing my computers are unlikely to log in, let alone access business computers.
Those who are not interested in returning the laptop to me are a different game. The rules change should a person want to sell the computer to an unsuspecting pawn shop owner. Or if the person knows how to boot a live ISO, or wipes the drive and installs Windows. Anybody who boots a live ISO can read the unencrypted disk, private keys included, so in such an event a security breach must be presumed.
In between those two end points is basic security. How much convenience do I surrender to improve security?
I could encrypt the laptop hard drive. I have no experience with that. I do not want the inconvenience when using the laptop at home. I do not store personal information on the laptop.
If a person gained temporary access to my computers, then some simple security through obscurity seems sane. That is, if a curious person started poking around the desktop, not finding business related information or links keeps that user ignorant. What they do not see they do not discover.
A separate web browser profile for business related sessions might help. A separate profile provides a nominal layer of isolation and obscurity. Not using a desktop icon or menu item for the second profile provides nominal security through obscurity.
A decent start, but a separate web browser profile does not hide my shell history. I use SSH a lot to access business computers. While a malicious user still would not know passwords, they at least would discover the servers I access. The shell history is not the only leak: ~/.ssh/known_hosts lists the same servers in the clear unless HashKnownHosts is enabled, and ~/.ssh/config lists them too.
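Hiding the host list is cheap. OpenSSH hashes known_hosts entries with HMAC-SHA1 under a random salt (`HashKnownHosts yes` in ssh_config, or `ssh-keygen -H` on an existing file), so a reader of the file cannot recover the host names but ssh can still verify a host it already knows. The following is an added example that reproduces that format, not code from the original post; the host names and the key blob in the sample are constructed.

```python
"""Hash known_hosts entries the way OpenSSH does with HashKnownHosts yes or
ssh-keygen -H, so the file no longer lists the business servers in the clear.
Added example, not from the original post; host names and key material below
are constructed."""
import base64
import hashlib
import hmac
import os
from typing import Optional

HASH_MAGIC = "|1|"  # OpenSSH marker: hashed host field, HMAC-SHA1 with a 20-byte salt


def hash_hostname(hostname: str, salt: Optional[bytes] = None) -> str:
    """Return the |1|<salt>|<hmac> field OpenSSH writes in place of hostname."""
    if salt is None:
        salt = os.urandom(20)  # OpenSSH draws a fresh 20-byte salt per line
    if len(salt) != 20:
        raise ValueError("salt must be 20 bytes")
    mac = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "%s%s|%s" % (HASH_MAGIC, base64.b64encode(salt).decode(), base64.b64encode(mac).decode())


def host_matches(hashed_field: str, hostname: str) -> bool:
    """Test a candidate host name against one hashed field (what ssh does on connect).
    The file gives nothing away: you must already know the name to get a match."""
    if not hashed_field.startswith(HASH_MAGIC):
        return False
    try:
        salt_b64, mac_b64 = hashed_field[len(HASH_MAGIC):].split("|", 1)
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(mac_b64, validate=True)
    except ValueError:
        return False
    actual = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(actual, expected)


def hash_known_hosts(text: str, salt: Optional[bytes] = None) -> str:
    """Rewrite a known_hosts body with every plain host field hashed.
    A comma-separated host list becomes one line per host, as ssh-keygen -H does;
    comments, blank lines and already-hashed lines are kept unchanged."""
    out = []
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            out.append(line)
            continue
        marker = ""
        if stripped.startswith("@"):  # @cert-authority / @revoked precede the host field
            marker, _, stripped = stripped.partition(" ")
            marker += " "
            stripped = stripped.lstrip()
        if stripped.startswith(HASH_MAGIC):
            out.append(line)
            continue
        fields = stripped.split(None, 1)
        if len(fields) != 2:  # not a host/key pair; leave it alone
            out.append(line)
            continue
        hosts, key = fields
        for host in hosts.split(","):
            out.append(marker + hash_hostname(host, salt) + " " + key)
    return "\n".join(out) + "\n"


# Constructed sample file: two names for one business host, one (fake) key blob.
SAMPLE_KNOWN_HOSTS = (
    "# business hosts\n"
    "biz-db.example.internal,10.10.0.5 ssh-ed25519 "
    "AAAAC3NzaC1lZDI1NTE5AAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n"
)

if __name__ == "__main__":
    hashed = hash_known_hosts(SAMPLE_KNOWN_HOSTS)
    print(hashed, end="")
    first_field = hashed.splitlines()[1].split()[0]
    print("matches biz-db:", host_matches(first_field, "biz-db.example.internal"))
```

Hashing is only obscurity, the same as the rest of this page's measures: the HMAC is fast, so anybody with a list of candidate names (say, every host in the company domain) can test them. It stops a casual browse of the file, nothing more.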
A separate user account is another idea. This option moves into the realm of being inconvenient, and it only stops honest people. A tech-savvy user would gain access to the account, for example by booting a live ISO and reading the home directory from the unencrypted disk.
Dual booting is another option but more cumbersome and inconvenient than a second user account.
A virtual machine (VM) provides isolation and is less inconvenient than the previous options. A VM could be stopped in a saved state, which then provides quick startup access when needed. A normal login password inside the guest stops a casual user, but it does not protect the virtual disk file, which anybody with the host can copy or mount. For that the virtual disk should be encrypted.
In a potential security breach some obvious response actions are to remove the corresponding public keys from authorized_keys on every business system, and to change system passwords. Possibly rebuild systems. All inconvenient but doable. I would rather avoid all of that. An encrypted VM would suffice.
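The first of those response actions, removing the laptop's key from every business host, is easy to get wrong by grepping for the key's comment, which is free text and may differ between hosts. What follows is an added example, not code from the post, that matches on the SHA256 fingerprint instead (the same value `ssh-keygen -lf` prints); the key bytes it uses are constructed and are not real keys.

```python
"""Revoke a possibly exposed key on a business host by deleting its line from
~/.ssh/authorized_keys, matched on the SHA256 fingerprint (what ssh-keygen -lf
prints) rather than on the free-text comment. Added example, not from the post;
the key bytes below are constructed and are not real keys."""
import base64
import hashlib
import struct
from typing import Optional, Set, Tuple


def ssh_string(data: bytes) -> bytes:
    """SSH wire-format string: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def make_ed25519_line(raw32: bytes, comment: str) -> str:
    """Build a constructed authorized_keys line from 32 raw bytes (test data only)."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw32)
    return "ssh-ed25519 %s %s" % (base64.b64encode(blob).decode(), comment)


def fingerprint(line: str) -> Optional[str]:
    """SHA256:<unpadded base64> of the key blob, or None for comments and garbage.
    Options such as restrict,from="..." may precede the key type, so locate the
    blob by checking that a field decodes and starts with the type string before it."""
    fields = line.split()
    for i in range(len(fields) - 1):
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except ValueError:  # binascii.Error is a ValueError
            continue
        if blob.startswith(ssh_string(fields[i].encode())):
            digest = hashlib.sha256(blob).digest()
            return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
    return None


def revoke(authorized_keys: str, bad: Set[str]) -> Tuple[str, int]:
    """Return the file body without the keys in `bad`, and how many lines were removed."""
    kept, removed = [], 0
    for line in authorized_keys.splitlines():
        if fingerprint(line) in bad:
            removed += 1
            continue
        kept.append(line)
    return ("\n".join(kept) + "\n") if kept else "", removed


# Constructed sample: a laptop key that may be exposed and a desktop key that stays.
LAPTOP_KEY = make_ed25519_line(b"\x01" * 32, "laptop")
DESKTOP_KEY = make_ed25519_line(b"\x02" * 32, "desktop")
SAMPLE_AUTHORIZED_KEYS = "# keys\n" + "restrict " + LAPTOP_KEY + "\n" + DESKTOP_KEY + "\n"

if __name__ == "__main__":
    fp = fingerprint(LAPTOP_KEY)
    new_body, n = revoke(SAMPLE_AUTHORIZED_KEYS, {fp})
    print("removed %d key(s) with fingerprint %s" % (n, fp))
    print(new_body, end="")
```

Run it against each business host's authorized_keys with the fingerprint taken from the laptop's public key, and keep a separate key per personal computer so the desktop's access survives the revocation.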
Encryption probably is the only robust protection against a tech-savvy user. The pass phrase on a private key already encrypts that one file, but the pass phrase can be attacked offline once the key file is copied, and the key sits unlocked in ssh-agent for as long as it is loaded. Encrypting the whole disk, or at least the virtual disk the business work lives on, closes both gaps.
For work compatibility I will install CentOS 7 in the VM.