I think I may just have a tainted perspective on this. I’ve worked in digital forensics/incident response for >10 years, so I have an appreciating for the level in which businesses need to protect themselves, and I’ve grown a fondness in never seeing my personal data end up under a litigation hold. It’s the same reason why I’m a strong believer in making sure to have different email accounts for work, personal, different side projects, etc.

Compartmentalizing is a valuable Op-Sec practice.

Yeah that's definitely fair. I'm a bit paranoid and jump through more security hoops for myself than any employer has ever required... so if you're not the type of person that enables 2FA and uses password managers at a minimum, just do everyone a favor and use a separate device.

I could do that at my current company (long term relationship). But I feel safer by not doing that. I don't take care of every security risk on my private systems. I probably should but that is another matter.

For security purposes we route all internet request through our company VPN to scan for malware. Company notebooks are required to use the VPN tunnel and they do if you don't have admin rights and change that behavior. I think it would be really bad if all netflix traffic from employees gets routed through our companies internet connection. I don't want to put that on netflix support to figure out the problem people are having...