Should Workers Be Allowed to Use Home PCs?

Video source missing

Transcript:

Hi Jonathan Sandmel here from Steady Networks. We’re a long way into the pandemic but it’s still worth discussing whether or not employees for
your business should be using their home computers at work i still get this question more often than i thought i would at this point, so let’s  talk about – i think i’m telegraphing my opinion here why they can’t use their home computers from a business network so let’s dive in and and ask three questions or at least let me give
you three reasons why i think it’s a bad idea.

Number one: let’s talk about those questions:
1. Do workers need a vpn – that’s a really common way that users get access and we’re gonna talk about why if they have a vpn that that can give you the answer you need.
2. If they need access to files and there are other ways to get access to the files the answer still may surprise you about why it’s risky to give access to personal employees home computers and
3. Can they just check email and cloud resources through a browser let’s  talk a little bit about the pros and cons of that.

So first of all do workers need a vpn? now my  answer is if yes they need a vpn then the answer is no they can’t use their personal computers and let’s take a look at why that makes sense. You’ve got a personal computer here if it needs access to  corporate resources they’re going to connect to
their vpn through the cloud. Essentially that’s connecting their personal computer to your corporate network and from there they’ve got  access to the servers and the files and all of those resources well if they’ve got a virus on  their computer which is is entirely possible they
can easily spread that virus to the corporate  network, infecting files with ransomware putting in trojan horses things like that that you don’t
want on your corporate network. So putting a vpn on a personal computer is is really very risky.

The second question we need to ask is do workers just need access to files well there’s a big  question about data loss prevention if they are saving files to their desktop and they  are fired or they’re they’re saving files to their desktop and you’ve got no control over that or they save files to the desktop or my docs and their laptop is stolen  while they’re at starbucks doing work you have just lost a lot of control over the ability to
protect those files from from just lost through through negligence really more so  than any kind of malfeasance, there’s also the
possibility of malware on home pcs infecting  that data you could lose corporate data just by having uh the users have access to  a machine again you don’t know what kind of antivirus if any you don’t know what they’re  clicking on and children and other family members have access to those computers very often and you  don’t know what they’re going to do with corporate files so having a higher level of protection for  file access is another reason why you don’t want workers using home and personal computers you you want to be able to enforce encryption and
things like that to protect your corporate data  and you just don’t have that level of control when you have a user working on a home pc
finally you know there’s a little stickier question of can they just access email and cloud resources if they’re just accessing through
a browser so that’s definitely a trickier question  because it feels like there’s this uh safetybetween your user and the browser accessed
esources but it’s probably the safest option. while it is the safest option it’s harder  to control what they’re doing same same sort of
thing if they’re if they’re not accessing uh word  and excel or google sheets documents through the browser they’re downloading them to the desktop
and accessing them there for ease and convenience and being offline and that sort of thing  in my opinion it’s not really
worth the risk of allowing users  access through personal devices especially laptops and desktops that are living at the home.

what i would suggest is that you invest in laptops going forward we don’t know when the next pandemic’s going to hit and there’s so much
flexibility and so much power for most users in  laptops that there’s no downside to just investing in all laptops going forward you can always have  a docking station to make them more versatile have two they can have the same desktop experience with  two to three monitors if they have a docking station and you know you don’t have to just take my word for it let’s take a look at the cis top 20.

now the cis the center for internet security has their top 20 security controls that they recommend for preventing most of the virus  and and corporate infections and things that have taken place over the past you know five to  ten years and what do they say in their top
20. let’s take a look at just the top five  basic cis controls well inventory and control of hardware assets is number one that’s the number  one thing a business owner can do to help protect their corporate environment as soon as you allow  remote workers to access data from their personal pcs you’ve lost control of the hardware assets  same thing with software assets you don’t know what software they’re installing  there’s no way to monitor that there’s no way to prevent or white list the only known  software assets continuous vulnerability management even at a minimum just running antivirus software you have no ability to control that and administrative privileges is another huge problem most of our corporate
environments users don’t have admin access.

in this environment they would have admin access typically built into the main user  again this is where i worry about children and other family member members getting on the same  computer that your employee is accessing business resources and the list goes on and on from there  secure configurations maybe they’re running a window windows 7 environment because they  just haven’t upgraded their home computer and we just don’t know anything about the maintenance  and monitoring of those systems so for all of those reasons and more it’s not worth it invest in laptops and you can quickly and easily send computers home with your employees as they need  access if you have any questions feel free to reach out to us steadynetworks.com give  us a call 365 1975 and we’ll answer all your questions thanks have a great week.