Using VPN IP address with Citrix

Hello guys,

With this whole Corona and working from home thing I’m a bit confused about monitoring. My company uses Citrix, which I access with Safari on my MacBook. Does my employer get access to my IP address and can see from which country I work? I am supposed to work from France but would like to spend some time in Italy. Is it possible for my employer to see that I’ve been working from Italy? And can I avoid this by using a VPN that creates a French IP address or is this not possible with Citrix because it detects the fake IP address?

Thanks for your help!

You’re getting into an ethical question here.

If you’re supposed to work from France, then be in France while you’re working. If you want to spend time in Italy and work, seek your employer’s permission first. They may have legitimate legal/security reasons for you being in France.

Don’t be “that” guy that gets canned because you tried to circumvent your company’s policies. I’ve seen people disciplined for working from home without permission or directive - it can happen.

Yes, we can see what IP address you’re connecting from. If your company is serious about it they will know that you’re connected via VPN, but they wouldn’t be able to determine the real IP address.

Perhaps you should discuss this with your employer. There might be a reason, unbeknownst to you, that you need to work in the given country.

You should stay home, don’t spread the rona.

Just spin up a server in France and then connect it via RDP from Italy. The server in France logs into Citrix. So not much fuss yea.

I would highly appreciate technical advice not moral…

Thanks Liwanu, that’s very helpful. So if my employer is serious about it he might find out that I’m using a VPN to hide my real IP but he cannot find out which is my real IP, correct? So he won’t see I’m in Italy?

Probably they don’t monitor or spy as company is quite big but you never know…

No there is no specific reason I checked, it’s just they once determined it like that (long before corona) and are not willing to change their policies…

Can you explain more on this. I would like to know.

Yes but RDP nesting doesn’t work if Citrix Workspace disables display via RDP. Any idea how to bypass this? RDP isn’t the right solution.

Then yes, they can absolutely see your IP. They could even block known VPN providers - this is not something we can answer for you as it’s custom to your company.

So if my employer is serious about it he might find out that I’m using a VPN to hide my real IP but he cannot find out which is my real IP, correct? So he won’t see I’m in Italy?

Few points here:

  • If they’re using Security Analytics, then starting to use a VPN when you haven’t before will impact your user risk score. Even more so if it’s hosted in a different location than you usually connect from.

  • If they start poking around, they’ll likely be able to determine you’re using a VPN but their visibility stops at the VPN provider’s address.

  • If you ever forget to activate your VPN, or it fails and your machine happens to make a request without being behind VPN, then they’ll have your real public IP in their records. If they’re using any kind of enhanced security monitoring this could definitely trigger more red flags.

Then don’t do it, unless you’re willing to accept being fired.

Hey were you ever able to figure this out?

Go to Azure, create a VM based in France.
RDP to it from your home, wherever it is.
Install Citrix in the VM
And login to your work and use it.
How it make sense.

Set your own VPN Tunnel I believe

That’s very interesting. So if I start a VPN and then open my Safari to log into Citrix, security analytics will forward an alert to my company? So then better keeping the original IP address in Italy although I usually work from France? That won’t raise my risk score at security analytics?

So if I start a VPN and then open my Safari to log into Citrix, security analytics will forward an alert to my company?

Not exactly. It’s more like if you normally connect from an IP that resolves to the US but suddenly you connect from Italy, that could be detected as an anomaly. Especially if both events happen within a span of time where it’s physically impossible to travel that distance, or if you have multiple sessions from two different places at the same time. It’s based on historical user behavior. And even then, it depends on the configuration as to what admins get alerted about or take action on.

Is it likely that anyone cares? If you’re not in a high security organization, probably not. Is that foolproof? Definitely not.

No no, not working in a high security organization, just a bit paranoid :wink: