> You can't blame a company for wanted to protect itself against a disgruntled employee that wants to push the (example - not applicable to your company) ebanking software code out in the open.

The thing is, they can't, not if my PC is still usable for day to day work. For a legitimate user, the ways to extricate data are endless (e.g. tunnel out via DNS, embed into video streams (for customer training or something), hell, even simple stuff like embedding data into the monstrous modern MS Office files should fly under the radar). The real value comes from making certain that a) only those that need access, get access (e.g. why do I have read/write access to the sales file folder as a developer?) and b) minimize the result of a breach ahead of time, which often coincides with doing good work in general. For instance, don't lie to your customers on a regular basis, treat your employees respectfully, and – regarding your example – write closed source software as if it was open source the whole time. It's not as if attackers need the source code to fuzz your software for vulnerabilities.

On a principled basis, I really dislike the world view where the employees have to be constantly prevented from getting the better of the company. If you don't trust me enough to surf on news sites during my time off at work, you should not trust me with software development, where laziness has often far worse consequences than not doing any work at all.

These protections never really work against people who really want to get data out. Worst case you could just take pictures of your screen and read text back via OCR.

But most employees would never know how to do this and even if, the threshold is high to go to such lengths. Most companies primarily want to prevent users from sending out data by mistake or via malware, since these are probably >99% of the reasons for data loss.

I also dislike companies restricting employees. But I also know people from our IT department and the incidents they have to fight on a daily basis. If you don't restrict your network and company computers, you'll very quickly end up with malware, randsomware, leaked data etc.

I think we're mostly in agreement.

The original scenario HenryBemis painted involved source code being leaked, so I think it's fair to either assume the employee is technically competent, or should not have access to it in the first place. Also, their scenario involved disgruntled employees, so on the other end of the spectrum, if you have, say, sales representatives which want to take out their customer database, then it's well in their motivation spectrum to snap a few hundred smartphone pictures of Excel or Outlook with a pdf "scanning" app to get a nicely printable address book. Sure, it's not perfect, but it can still be damaging as hell. Basically: Don't rely on data exfiltration to fail.

But the reason I've bothered to write the first comment, is that it's such a huge productivity drain to develop software on a locked down machine. I'll think twice or thrice before taking on a position where I don't have root access to my computer.

I concur most non-technical employees don't need (or should have) more than the equivalent of a Chromebook.

The problem is that not all warning signs rise to a fireable offense and in todays sue happy climate even at will employment has restrictions that protect workers rights

> That said.. why would a person use the corporate computer for their (allow me the use of the word) 'hobby'?

Because my work computer is around 100 times faster than my personal one.

I have the opposite situation: My personal computer is faster .

Assuming both are laptops and you don't have some insane personal computer - you should seriously examine why your workplace is skimping on a few hundred dollars extra on a machine that might save you, an employee with a salary in the tens of thousands (or higher) a few days of waiting for things to load, render or compile a year.

There certainly is a logic around not wasting money where it'd do no good - but companies that are tight with employee capital expenditures make me really nervous. It's a thing I've avoided consciously in employers since my thirties - if you don't value me enough for a decent keyboard, a chair, and a sufficiently performing computer - then you don't have anyone who is sane at evaluating RoI at your upper echelons.

My work computer and personal computer may be roughly on par as far as the spec sheet goes, but my personal computer does not have McAfee, so it's at least 100 times faster.

No, both are desktops; and I work at computer engineering department of a (not so research-focussed) state university as an academic, with my specialisation being low-level software engineering; not at a software company. Even lab computers are not so better than my personal computer, except for the supercomputing lab.

Even if the work machine has comparable specs to personal computer, it's much slower. Every machine is fast, but put antivirus software on it, backup solution, 10 "corporate security" products which monitor and log every move and even the strongest machine slows to crawl.

My work computer would be substantially faster than my personal computer if it wasn’t bogged down by so much IT crap. In practice my personal computer substantially faster to get anything done because I have to fight it so much less.

I really wish I could use my personal laptop at work, but now it is hard, because GDPR laws mandate that I would need to take additional security measures and could be held responsible for any data leak. Using company issued laptop avoids the problem - all responsibility rests on my employer's shoulders.

And having two computers is just annoying. I dislike when companies prevent me from using my computer for personal stuff (esp web surfing). But if I was in charge, I also think I wouldn't take that risk and prohibit use outside work. The risk just doesn't justify the benefit for the employee.

Then buy a faster personal computer? The resources I have freely available at work are infinitely more than I have at home, but that doesn’t mean I can set up my own Netflix competitor on it.

I love these requirements at work! Yes, I need to buy my own computer, but now I can leave my work laptop in the office.

Which helps avoiding working late as partner expects you to be on time for dinner, and as you don’t need the work laptop at home as it’s not shared also as a personal laptop :)

I swear that’s main reason employers allow you to use your work laptop for personal use too. As you will have your work laptop with you at home so they can let you easier work weekends etc

>You can't blame a company for wanted to protect itself against a disgruntled employee that wants to push the (example - not applicable to your company) ebanking software code out in the open.

It's pretty dumb to block gitlab when you employee can just... copy the codebase to an external drive?

> why would a person use the corporate computer for their (allow me the use of the word) 'hobby'?

Doesn't have to be hobby. A lot of corporate code these days is based on open source libs. What if you fix a bug and want to push upstream?