Transcript:
Hi Jonathan Sandmel here from Steady Networks. We’re a long way into the pandemic but it’s still worth discussing whether or not employees for
your business should be using their home computers at work i still get this question more often than i thought i would at this point, so let’s talk about – i think i’m telegraphing my opinion here why they can’t use their home computers from a business network so let’s dive in and and ask three questions or at least let me give
you three reasons why i think it’s a bad idea.
Number one: let’s talk about those questions:
1. Do workers need a vpn – that’s a really common way that users get access and we’re gonna talk about why if they have a vpn that that can give you the answer you need.
2. If they need access to files and there are other ways to get access to the files the answer still may surprise you about why it’s risky to give access to personal employees home computers and
3. Can they just check email and cloud resources through a browser let’s talk a little bit about the pros and cons of that.
So first of all do workers need a vpn? now my answer is if yes they need a vpn then the answer is no they can’t use their personal computers and let’s take a look at why that makes sense. You’ve got a personal computer here if it needs access to corporate resources they’re going to connect to
their vpn through the cloud. Essentially that’s connecting their personal computer to your corporate network and from there they’ve got access to the servers and the files and all of those resources well if they’ve got a virus on their computer which is is entirely possible they
can easily spread that virus to the corporate network, infecting files with ransomware putting in trojan horses things like that that you don’t
want on your corporate network. So putting a vpn on a personal computer is is really very risky.
The second question we need to ask is do workers just need access to files well there’s a big question about data loss prevention if they are saving files to their desktop and they are fired or they’re they’re saving files to their desktop and you’ve got no control over that or they save files to the desktop or my docs and their laptop is stolen while they’re at starbucks doing work you have just lost a lot of control over the ability to
protect those files from from just lost through through negligence really more so than any kind of malfeasance, there’s also the
possibility of malware on home pcs infecting that data you could lose corporate data just by having uh the users have access to a machine again you don’t know what kind of antivirus if any you don’t know what they’re clicking on and children and other family members have access to those computers very often and you don’t know what they’re going to do with corporate files so having a higher level of protection for file access is another reason why you don’t want workers using home and personal computers you you want to be able to enforce encryption and
things like that to protect your corporate data and you just don’t have that level of control when you have a user working on a home pc
finally you know there’s a little stickier question of can they just access email and cloud resources if they’re just accessing through
a browser so that’s definitely a trickier question because it feels like there’s this uh safetybetween your user and the browser accessed
esources but it’s probably the safest option. while it is the safest option it’s harder to control what they’re doing same same sort of
thing if they’re if they’re not accessing uh word and excel or google sheets documents through the browser they’re downloading them to the desktop
and accessing them there for ease and convenience and being offline and that sort of thing in my opinion it’s not really
worth the risk of allowing users access through personal devices especially laptops and desktops that are living at the home.
what i would suggest is that you invest in laptops going forward we don’t know when the next pandemic’s going to hit and there’s so much
flexibility and so much power for most users in laptops that there’s no downside to just investing in all laptops going forward you can always have a docking station to make them more versatile have two they can have the same desktop experience with two to three monitors if they have a docking station and you know you don’t have to just take my word for it let’s take a look at the cis top 20.
now the cis the center for internet security has their top 20 security controls that they recommend for preventing most of the virus and and corporate infections and things that have taken place over the past you know five to ten years and what do they say in their top
20. let’s take a look at just the top five basic cis controls well inventory and control of hardware assets is number one that’s the number one thing a business owner can do to help protect their corporate environment as soon as you allow remote workers to access data from their personal pcs you’ve lost control of the hardware assets same thing with software assets you don’t know what software they’re installing there’s no way to monitor that there’s no way to prevent or white list the only known software assets continuous vulnerability management even at a minimum just running antivirus software you have no ability to control that and administrative privileges is another huge problem most of our corporate
environments users don’t have admin access.
in this environment they would have admin access typically built into the main user again this is where i worry about children and other family member members getting on the same computer that your employee is accessing business resources and the list goes on and on from there secure configurations maybe they’re running a window windows 7 environment because they just haven’t upgraded their home computer and we just don’t know anything about the maintenance and monitoring of those systems so for all of those reasons and more it’s not worth it invest in laptops and you can quickly and easily send computers home with your employees as they need access if you have any questions feel free to reach out to us steadynetworks.com give us a call 365 1975 and we’ll answer all your questions thanks have a great week.