- 0127This is what we do for development containers/hosts - put them behind *.dev.example.com, allows us to hide most testing instances using a shared load balancer. And with a single wildcard CNAME, No info is leaked in CT logs or DNS. Said LB is firewalled, but why pay for extra traffic that's just going to be blocked?
- Some shortwave radios (like the TECSUN PL-380 I got off amazon), also support external power via USB. I almost prefer this over the crank charging some have
That way, I don't need to worry as much about batteries, adapters, etc. and I can pretty easily find or make a 5V supply to power everything important
- My company is implementing this exact thing - and in general for company laptops I'd say it's not really too crazy (freelancers, contactors will most likely be given machines too if they need any level of access to our stuff/code). From what drata told our team - the agent is based on OSQuery, and just reports disk encryption, antivirus, screen lock, installed applications.
Not sure what the other commenters in this thread are going on about but AICPA's soc2 common criteria _do_ require that a bunch of that stuff is configured. The reality we're facing is that unless we actually monitor for those basic security config things, sales/marketing/etc will disable those setting for no reason and promptly leave their laptop in a Starbucks with client user lists or confidential data on it.
For other context - based on our research, compliance automation platforms like drata or secureframe greatly decrease the cost of the actual audit since it makes evidence collection that the proper security controls are in place and are functioning much easier.
From your perspective though I 100% get the concern though from a freelancer - I'd say that they shouldn't want you to be handling their source code on your personal machine anyways and should prob. send you a laptop.