RE: Home laptops on a corporate network

I take it assigning the users who need to work from home company owned/managed laptops, and then providing VPN access to these laptops, is just not an option?

Setting up -somewhat- secure access to the corporate network from a staffers home computer just seems like too much trouble and too much risk for what you'd just be easier to buy/image/issue laptops.

On Fri, 11 May 2007, krymson@xxxxxxxxx wrote:

If this scenario is an absolute must, even in the face of HIPAA (and if this were my data, I'd be highly concerned about this company...), then I do like having users VPN into an isolated network segment and then connect to a Terminal Server to do their work.

However, not to throw monkeywrenches in, but this solution still does nothing about keyloggers, screenscrapers, or even a full-blown screen capture program running to record all this data. Even just one frame of a doc open can be enough to spoil your HIPAA party depending on the data these users have access to. Really, there's nothing you can do about this other than disallowing their home systems.

You do have to pretend two things:
1) Assume you have the filthiest, most infected, worm-ridden home PC ever connecting to your network.
2) Assume one of these workers will be wanting to sell this data or maliciously gather and use it.

You can take action against 1, but you're not going to be able to audit 2 unless you own the devices they are allowed to use.

Relevant Pages

  • RE: Home laptops on a corporate network
    ... The places I come as a systems consultant don't use the measures you are ... Home laptops on a corporate network ... users are required to bring their laptops into the office ... Wouldn't a regular vpn just open for all kinds of badware they have on ...
  • RE: Home laptops on a corporate network
    ... where would there be data leakage with TS and proper firewalls and policies to prevent sharing of client hard drives? ... Home laptops on a corporate network ... They're bound by HIPAA, and still want this? ...
  • Re: Network login and e-mail address
    ... Outlook Exchange server can also be queried in the same ... > corporate network through laptops: all its gets me is their user ID on ... > send an e-mail message? ...
  • Re: Home laptops on a corporate network
    ... Home laptops on a corporate network ... Whenever you have an employee with a laptop, you create a liability to your network, allowing them to use personal laptops presents an even bigger liability. ...