Telling my employer that my place of residence is in a US state (my parent's house) while I'm living in a foreign country. What are the chances of getting caught either by my company or the IRS? My work computer has no monitoring software or VPN, and I don't have to be on video calls.
If they have no way to track you, the only way they'd figure out is a mistake on your part. Don't need to worry about the IRS, as long as you keep paying your taxes. The problem arises in the countries you're staying in when they start wanting their tax money.
Could be high depending, seeing where you login to email or last reported IP from most webapps is easy. Gmail/O365 shows last login location from whatever IP it last pinged same with most firewalls if it's on prem stuff.
You probably don't make enough to raise any flags, like the other anon said pay your taxes on time and don't try to take too many short cuts to get a pass.
Well the IRS won't do shit even if they somehow knew since you will be paying MORE by not claiming foreign residence exemptions
Strongly recommend disabling or even taking out your wifi/Bluetooth card and sticking only to Ethernet connections. You might trip the TPM if it's enabled so at that point just disconnect the antennas and put some foil over the card.
Buy a travel router and establish a Wireguard or openVPN tunnel to either your own tunnel back home or a third party tunnel, but chances are way higher of getting caught if you use a third party since your IP address will be seen as operating from one of that companies data centers
The only way the IRS finds out is if your employer finds out.
This anon is retarded, TPM doesn't even make sense in this regard. It's good to have TPM enabled and bitlocker your device but it doesn't matter with Wifi or network cards. There is a higher chance your phone if used for work will give you away based on geolocation data, especially if you keep email on it.
If you truly want to not give a fuck and have something in the US, just get a cheap Windows 10 or Windows 11 VM in Azure or AWS. First year is free or "free with XXX credit" and you can pick the region/country needed, use SSL key for connecting and just keep it up to date in securit updates. Generally fine.
The overall chances your employer noticing is a toss up, if they are a bank, government agency, healthcare provider, they might or probably have policies both legal and firewall based blocking outside US IP's. If it's any SMB sized company it's unlikely their 2bit equipment cares, just make sure you have a cell plan like T-Mobile that doesn't care about long term oversea stays to keep a US based number.
The VMs seem like a bad idea, wouldn't the IPs being used be a dead giveaway that they're coming from MS/AWS instead of a residential ISP?
It's unlikely anyone would look past that far, and blocking Azure/AWS IP's is beyond retarded as many corporate websites use those IP blocks. Most FW software will just report the region/area, I doubt most network admins even like myself would look too hard into it to determine the residential vs. possible "why is this reporting L3?". Simply getting a US based public IP will be good enough as most firewalls and policies block via country IP's. Unless OP is working in healthcare, Government, or a Bank it's unlikely any network admin will look more deeply into it over "network traffic coming from the USA".
The VM is a good idea because you have out of band management on it, a pretty good uptime record, and options to expand it as needed. I can basically RDP off my chromebook into an Azure VM have all my tools working in my environment regardless where I am in the world. This is far better than VPN'ing into a home network with who knows what SLA or questioning if split tunneling is working correct. My boss doesn't care for our positions but we do look for foreign workers at some other positions due to data security policies.
Email on a phone is usually a bigger giveaway than the endpoint IP as most people who are DN have it there to keep in touch with the office.
Any decent SOC is going to look at those AD sign-ins and realize these new sign-ins are coming from Azure/AWS instance instead of whatever the user was reporting beforehand. Atypical travel/impossible travel rules for users are security engineering 101.
>implying we have a security officer
Living the dream in that case tbqh on god fr fr
Again without OP stating what kind of company he is working for it's hard to say, if he just needs an IP within the US Azure/AWS/Gcloud would work fine. This still would only come up and matter during audits if even that, if he can just set up a PC at his parents house he could do that. Even then the Security audit would really have to hone in on logs which is generally glossed over from 3rd parties so long as they see US based IP, shit most audits look for are foreign IP's.
OP has to elaborate a bit more on this, but a cloud instance would be good for a general use cases. Most companies don't care as long as the source IP is originating within the US.
Yeah it sounds like you work for a midsized company if you're not required to have email/contact shit on your phone.
OP here. Thankfully, I don't have email on my phone at all, or slack. No business apps on my phone.