I have a company-owned laptop used for work. In the past I have used this company PC to login to websites with sensitive financial data. (Vanguard, PayPal, Mint, etc).
A few months ago I learned that my employer scans HTTPS traffic using a MITM intercept.
The HTTPS connection doesn't report any errors, as a custom certificate authority has been installed by my employer. This is most noticeable when examining certificate details, as my employer is listed as the verifying party on most sites1.
Initially I hadn't realized my web traffic was being interpreted, as neither Google Chrome or Internet Explorer had reported any HTTPS authentication errors. Firefox was the only browser to report any security issues2.
While I don't expect my employer to intentionally snoop over my personal information I am a bit weary about using my company's network3 to access sensitive bank information.
Is it safe to login to financial websites from a work computer?
Notes:
1: Financial sites like Paypal list Symantec Corporation as the verifying CA, rather than my employer. Whether Symantec can be trusted is another question entirely...
2: After updating to Firefox 55.0.3, the browser no longer reports authentication errors on my work PC.
3: Our company wifi uses WPA-2 Enterprise with AES encryption.