Remote Workers
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Remote Workers

  1. #1
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190

    Question Remote Workers

    Nah! not the zombies in the EVP suite

    We have discussed home/remote working on this site on a number of occasions, and I just came across this:

    http://www.networkcomputing.com/chan...leID=207001247

    As I have always expected and predicted, the trend towards employees working from home is on the increase, as it seems (financially) to be a win/win scenario.

    Obviously this brings in a new set of security concerns and considerations? or at the very least, variations on the traditional themes?

    Anyone got any thoughts and/or experiences on this? I am particularly interested in the regulatory compliance angle but please feel free to take the thread in whatever direction takes your fancy.

  2. #2
    Senior Member
    Join Date
    Dec 2003
    Location
    LA, CA
    Posts
    292
    My own choice would be going into the office. I'm more of a face to face communicator so I tend to create apps that fit the person requesting its expectations better than if I chat via im. My past job had offices worldwide that would work together on projects and it never seemed to produce as good of results as groups physically located together. :/
    A mind full of questions has no room for answers

  3. #3
    Member d34dl0k1's Avatar
    Join Date
    Mar 2007
    Posts
    58
    It's only possible to do it well with a masterful IT department. Imagine if something went wrong and all your employees mailed back their workstations at once.

  4. #4
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    I supported workers both at home and in the field at a mfg'ing company for over a year. Mostly sales reps, some engineers. They were primarily using company-issued computers, mostly laptops, some desktops, though many workers used their own PC's to work from home afterhours. The company had PPTP set up with Active Directory. That was pretty much the extent of our security, other than antivirus. No radius server.

    There were numerous weaknesses with that setup. One was PPTP, often considered a less-than-ideal VPN setup. And then a lot of these guys were bringing in their company-owned PC or laptops chocked full of spyware. Spybot picked up 1900+ pieces of spyware on one sales reps computer. The guy acted like it was no big deal, but I thought it was a personnel issue and suggested so. I was PO'ed with the user's nonchalance. Another user, a field engineer, was having problems left and right with his laptop, I got it in and found it full of warez. Again, a personnel issue. And of real concern, to me anyway, was the amount of users who were onsite in China and to what extent they were subject to packet sniffing there. But that wasn't my dep't.

    The crux of the problem from my point of view was the company had been rolled over several times into new ownership and IT had gone from a state-of-the-art Microsoft shop to a hodge-podge old hardware and software in just 4 years time. IT had been cut from 30 employees to maybe 5 people before being outsourced to my employer. Even though we had a AUP in place, there was no teeth in enforcing the thing. But having said that, IT was very much in transition while I was there. Spending, or the lack of it, was a serious issue.

    The mfg'er was privately-held and not subject to Sarbanes-Oxley, but it was an ITAR (defense-related) facility. It certainly costs more to secure and support home workers than workers onsite. If you're going to do it right, anyway. So I'm not so sure it's win/win in that respect. Frankly I was shocked at some of the security issues onsite as well, but I won't go into that. Generally, our remote users didn't feel any responsibility for security, which may be a training issue as well as a policy issue too. I don't know how you train users who don't give a feck, except to throw the book at them.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  5. #5
    Senior Member JPnyc's Avatar
    Join Date
    Jan 2005
    Posts
    2,734
    As someone who does it, I can tell you there's defnitely problems but for the most part it works extremely well. Naturally everyone is always VPNed in when working and it probably does depend on your particular job. I think it's better suited to some jobs than others.

  6. #6
    Senior Member phernandez's Avatar
    Join Date
    Aug 2003
    Location
    NYC
    Posts
    246
    +1 brokencrow!

    My jaw dropped reading your account, gore. Seriously, home/remote workers should be put through some mandatory training. I'm pretty paranoid, but I can imagine less security savvy employees going about their "business" and exposing their company to countless threats.
    Last edited by phernandez; April 4th, 2008 at 11:44 PM. Reason: Mix-up in poster identities :P

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    It's only possible to do it well with a masterful IT department. Imagine if something went wrong and all your employees mailed back their workstations at once.
    I certainly agree that it requires a different management style and support model, but in a way it is a bit of a double edged sword. Having everyone out of the office during a security alert means nothing gets done.............. at least your remote workers could continue as normal.

    It certainly costs more to secure and support home workers than workers onsite. If you're going to do it right, anyway. So I'm not so sure it's win/win in that respect.
    Hmmmm, as the saying goes "your mileage might vary" but I would guess that to provide a workspace in central(ish) London right now would cost $(USD) 40,000 per annum. That would buy rather a lot of offsite support.

    I would suggest that the figures are lower in other major UK cities (pop. > 500,000), but not by that much. I could go to my largest nearby city (pop. 250,000+) and could probably get the same for say $12,000, given the state of the local economy there.

    We appear to be going into a major economic downturn, and it is a lot easier to get rid of remote workers than an office block nobody wants?

  8. #8
    Senior Member Info_Au's Avatar
    Join Date
    Jul 2001
    Location
    Melbourne
    Posts
    273

    Talking

    I love working from home.

    There is only one problem!
    A part of my work requires to look at advanced sales and order stock accordingly.
    The program used in the office(name not used) for this also has a section for accounts and i can see the need for Zero outside access for this as all account holders credit card details are stored here.

    I bypass this by getting a girl/guy in the office to email me a "pdf" copy of file i need.
    This is done with managers approval and person sending to me is high in Admin section so not all users in the office have this ability to send out files.

    This worked fine for me when i was sick off work with Kidney Stone recently.
    I'm trying to do more work from home now....Much nicer.
    Saves company on Fuel.
    Saves me time on travelling to work.

    Although the wife now wants me to do more house cleaning now im home more....blah!

  9. #9
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Touché, nihil. I hadn't figured on central London. Here in the States
    we often just jam new workers in closets if we have to, with folding
    tables for desks. And travel time and expenses to and from an office
    are generally considered "commutes" and borne by the employee.

    Just curious, Info_Au, your bypass, the PDF, is that encrypted or secured
    in any way when it comes via email? Email in and of itself is not considered
    secure unless used in conjunction with a product like PGP.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  10. #10
    Senior Member Info_Au's Avatar
    Join Date
    Jul 2001
    Location
    Melbourne
    Posts
    273
    Quote/
    Just curious, Info_Au, your bypass, the PDF, is that encrypted or secured
    in any way when it comes via email? Email in and of itself is not considered
    secure unless used in conjunction with a product like PGP.

    The PDF is not encrypted.
    Good point you have there on the emails to me.
    Will let them know in the office about this.

Similar Threads

  1. Windows Error Messages
    By cheyenne1212 in forum Miscellaneous Security Discussions
    Replies: 7
    Last Post: February 1st, 2012, 02:51 PM
  2. Trojans - Ports
    By GbinaryR in forum AntiVirus Discussions
    Replies: 11
    Last Post: October 30th, 2008, 10:33 AM
  3. Port List
    By ThePreacher in forum Miscellaneous Security Discussions
    Replies: 17
    Last Post: December 14th, 2006, 09:37 PM
  4. Network Security made easy?
    By Tiger Shark in forum Microsoft Security Discussions
    Replies: 5
    Last Post: January 14th, 2005, 08:47 PM
  5. ports
    By hatebreed2000 in forum AntiOnline's General Chit Chat
    Replies: 1
    Last Post: March 14th, 2003, 06:36 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •