Telecommuting Backlash 250
coondoggie writes to tell us that advocates of the telecommute have stood up against recent finger pointing based on recent telecommuter screw ups. One of the more notable screw up was the recent loss of many veteran's personal information by a VA employee. From the article: "Despite years of growing acceptance, telework still has such detractors. 'The No. 1 challenge is cultural inertia. It's motivating the middle managers, teaching them a new way of doing work,' O'Keeffe says. 'It's the Luddite mentality that we need to change.'"
The problem isn't telecommuting (Score:5, Insightful)
Re:The problem isn't telecommuting (Score:5, Insightful)
I think it really is about telecommuting, and laptop computers. More and more, sensitive data is portable, and more people are taking advantage of that to move sensitive data from "secure" environments to "convenient" environments.
Having some asshat steal a computer full of data doesn't really happen that often to people who keep their computers locked in an office at their employer's campus.
Re:The problem isn't telecommuting (Score:5, Insightful)
My employer mandates that the encryption feature of our notebooks be used. But it's a PITA, especially if your drive gets corrupted. To counter that we have an on-line backup system that takes a daily image (file by file, not binary image of the disk, for obvious space savings possibilities) of your drive and stores it whenever you are in the plant. While you are off-plant you are still secure because of the encryption. If we lost a notebook we could lose billions of dollars (assuming it's the right notebook). Shit, the data on mine is worth ~$75-100M.
The headlines should read: MegaCorp loses notebook with customer data on it. Company issues this statement: "This is a non-issue, the notebook was encrypted with a system that meets XYZ standard, it will take no less than 200 years for the system to be cracked."
And the statement should be true.
-nB
Re:The problem isn't telecommuting (Score:5, Funny)
Re:The problem isn't telecommuting (Score:5, Insightful)
Have fun with:
2 proxies
3 NAT layers
1 terminal server (which I suppose is another proxy).
My real point was that there is not a reason for theft of a notebook to be an IP asset issue. If I can "safely" take my data with me, then why not customer data in the same method?
the answer is simple: most companies think their IP is worth more than customer records. If they would simply make the statement:
{IP += CustomerRecords};
then there would be no issue, as you would see the data locked up tight.
-nB
Re:The problem isn't telecommuting (Score:5, Funny)
By the way, for making your 1361st comment on Slashdot, you win a free USB drive. Where do I send it?
Re:The problem isn't telecommuting (Score:5, Funny)
2 PO Boxes
3 Foreign countries
A customer's secret, illegal account in the Cayman Islands
Re:The problem isn't telecommuting (Score:2)
Granted, there are probably not too many adversaries in the world that have t
Re:The problem isn't telecommuting (Score:5, Funny)
Oh crap, I shouldn't have said it's a secret.
Oh crap, I definately shouldn't have said it's illegal.
Re:The problem isn't telecommuting (Score:5, Insightful)
Re:The problem isn't telecommuting (Score:3, Interesting)
What benefit do you gain from 3 layers of NAT and 2 proxies other than a ton of lag? A single well configured version of each should surely be sufficient.
Just taking a swag at it...
Home network
Corporate network, likely main corporate domain and/or remote access point.
Corporate subnet, likely his corporate sub-domain.
That's easily 3 NAT's and a couple proxies, only the first under his control.
Am I close?
Re:The problem isn't telecommuting (Score:4, Funny)
It's security that makes people cry, especially when a part is cut out of it with a knife.
Fear my Google-Fu (Score:2)
Let's just say there are enough breadcrumbs to follow to determine:
- Family status
- State, City
- Interests
- Reasonable initial estimate at real name and ethnicity
It could probably go a lot further than that, but I stopped there. The point is that if you have been online long enough, you will leave a trail that can be followed through the Internet mists, even if you only use a nom de guerre.
Re:The problem isn't telecommuting (Score:5, Funny)
Just for fun I did a GROUP BY query grouping who tested posted for what drug by SIC code, in descending frequency. The pattern was: Construction Workers, Marijuana and Cocaine, far and away #1. Second: employees of the school system, alcohol. Everything else was kinda scattered all over the map. I think that rather than demonstrating what kinds of people take what drugs, it demonstrates who gets hassled the most by the drug policies.
Re:The problem isn't telecommuting (Score:5, Insightful)
Oops, the laptop that was stolen had the PGP password written on a post-it-note. Or it was the guys' daughters' college fund account number. Or they were logged in while working at a coffee shop, got up to use the bathroom, and came back to an empty table. Or a corporate spy stole it once, put on a keylogger, and then steals it again. Ask the police how private your fingerprints are. Does your boss put retina scanners on all company laptops? Can you be sure that nobody with data access would be dumb enough to keep any of that info on their USB drive or a CDR? Are you using strong crypt on your swap space? What do your bosses do to make 100% sure that nobody is printing out information on their home deskjet and leaving the printouts in the recycle bin on thursday morning? Are you so sure that there aren't moles in your office that you'll let a billion dollars juts walk out the front door? If your data is really as valuable as you say it is, then you need to have the working assumption that someone out there is going to pull some James Bond style shit to get at it, they're not going to stop at "aw shucks, they *encrypted* it!" A password is relatively easy to bribe someone out of. If they never have to show up on site to access the data, then that's all they'll ever need.
When your data is valuable enough that people would REALLY want to steal it, people, not protocols and passwords, are the big problem. When you let people just walk out of your office with company secrets, you're not just increasing the size of the problem, you're adding entire DIMENSIONS to it. People get lazy about things that they have to do every day. Lab Chemists and Biologists have horrible cancer incidence rates because they eventually get lax with safety procedures, even though they know better than anyone on the planet how dangerous what they're doing is. The human brain is set up in such a way that something it encounters every day without visible harm stops registering as "threat" pretty fast. No matter how rigorously you try to follow standard XYZ at the office, people will get lazy when they're looking over some work in front of the TV.
Re:The problem isn't telecommuting (Score:3, Insightful)
Re:The problem isn't telecommuting (Score:5, Insightful)
No, the companies give away the working computers with all the data on them when they are obsolete.
More and more, sensitive data is portable, and more people are taking advantage of that to move sensitive data from "secure" environments to "convenient" environments.
A VPN into a corporate network then a terminal session would fix most of the complaints. Have them work directly from the server and there are no problems. Have the VPN client check that the firewall and virus software is installed, running, and up to date and there are fewer holes. If you are really worried about it, toss more money at it and make a non-split-tunneled hardware VPN from the homes of those that will be going in, then use locked down terminal services. They won't be able to get anything from the Internet without the protections that everyone else in the office has, and no data will be ever put on the local computer.
I can think of lots of ways to make these just about as secure as those at the office. The problem isn't figuring out how to make them secure. The problem is getting executive buy-in and end-user compliance.
Re:The problem isn't telecommuting (Score:2, Interesting)
Re:The problem isn't telecommuting (Score:5, Informative)
This means that when a sheriff recently left his laptop in an unlocked police car and it was stolen, there was nothing sensitive on it.
This isn't that different from how I've been telecommuting for a long time. I use my laptop to connect up to the corporate VPN and then connect via remote desktop to a machine I have configured for myself at the home office, where I do all my actual work.
Re:The problem isn't telecommuting (Score:5, Funny)
UN Inspectors are going to find that thief, because that thief has URANIUM TESTICLES. Stealing a laptop from an unlocked police car? Holy shit.
Re:The problem isn't telecommuting (Score:2)
Does that make tight fitting briefs a meltdown hazard?
UN Inspectors better find him fast... (Score:2)
Re:The problem isn't telecommuting (Score:4, Funny)
Re:The problem isn't telecommuting (Score:3, Insightful)
I still recall a dumpster loaded full of blue bar computer printouts covered in student grades outside the main campus registrar's office. and that was thirty some years ago...
It has NOTHING to do with telecommute, NOTHING to do with security, it has EVERYTHING to do with butinsky bureaucracy and government gimme. When, as a cultur
Re:The problem isn't telecommuting (Score:3, Insightful)
Tell that to AIG. Reported 2 days ago...Fun News Link [usatoday.com] Outside of the VA lately the breaches have been from smash and grabs like this one. As an I.T. security guy, the first thing I look for when doing an assement is the physical security of home and especially branch offices. I'm not really disagreeing with you, just pointing out that one c
Re:The problem isn't telecommuting (Score:5, Insightful)
Consider yourself lucky to have never experienced two floors (dozens of employees) of locked PC's and laptops removed overnight... more than once. In my experience it isn't someone but some group and they know what they are after and they have tools. Yes, most criminals are stupid, but many are organized and professional.
What's the bigger payoff?
a) single telecommuter setup in home where there is someone that is around most of the time
b) office space with dozens of systems guarded by the lowest price bid security firm/system
Re:The problem isn't telecommuting (Score:2)
Actual government facilities are different, but I can't imagine it would cost a whole lot ju
Re:The problem isn't telecommuting (Score:2)
Yesterday (I am not in the office yet).
I bought the first for our first office 5 years back. We kept buying more across two moves. Over the years it has grown to 4 safes. 2 IT ones for data, 1 mixed for exec stuff and documents and one for finance. This is in a company of approx 50 employees which does not deal with confidential customer data.
This is besides secure offsite storage of course.
Re:The problem isn't telecommuting (Score:3, Interesting)
It also probably wouldn't be hard to get a mole onto one of these security teams. Like you said, they don't have any special training coming in (military, police, etc). They're just department store types, and I can't imagine that the qualifications are much more than department store qualifications -- inclu
Re:The problem isn't telecommuting (Score:5, Insightful)
I both agree and disagree. On one hand, the problem IS bad security practice. It's possible to telecommute safely. On the other hand, the simple truth is that telecommuting opens up new attack vectors. Your data can now be attacked on your system at home, before the VPN is up. It can also be stolen more easily; security on your average office building is better than on your average house.
On the other hand, THIS particular problem could have been avoided by simply using some encryption. Clearly, those who take home confidential data without encrypting it are morons. Some of you are now parting company with me over my allegedly elitist attitude but let's face it, people have been encrypting messages for hundreds (thousands?) of years. This is not a new concept. A user taking home confidential data should be asking themselves how they can protect that data. Anyone who doesn't ask that (in our litigious society, especially) deserves what they get, because they're stupid.
I don't expect everyone to know how to keep data secure. I DO expect them to care enough about it to seek the advice of someone who DOES know.
Re:The problem isn't telecommuting (Score:3, Insightful)
Of course the potential also exists for viruses or trojans to affect the data over the VPN.
One could even argue that since these same problems could potentially exist on the local lan at the office (installing bad stuff on the machines (again, bad security)) that having it over a vpn is safer since it's not an always-on link.
Bottom line- good security and not allowing people to take things home/offload data (part of good securit
Re:The problem isn't telecommuting (Score:2, Interesting)
What about encrypting the whole workspace that the user works on? For example, take a VMWare image with a Windows or Linux environment and all the apps that the user needs to use for this sensitive information, put it on an encrypted virtual drive volume and there it is.
It dosen't seem that these computers are the target of people who want the data, or even know that it's there, they just want the hardware... But it would be a goo
Re:The problem isn't telecommuting (Score:3, Insightful)
Re:Deserve what they get? (Score:2)
I don't know if this is the SAME VA thing, but the last one, the telecommuter got fired.
Re:Deserve what they get? (Score:4, Informative)
Don't make light of this, a number of people got really badly in trouble over this. As a measure of how seriously the gov't takes the situation, it is rare for any civil servant to actually get fired. In spite of the reforms of Jimmy Carter's days, it is still difficult to fire gov't employees. You'd better have your 'i's dotted and the t's crossed, too! Upper management hates to go that far, especially if the employee has over ten years in, and I think this guy had 11 or 12. Get fired like that, and you lose your pension and everything. So if they fired this guy, it's serious.
I work for another Department, and we take security very serious. ALL agency laptops are installed with a standard image using Ghost, an image that uses Pointsec to encrypt the entire hard drive. Yes, we take a performance hit, but to safeguard data, it's worth it. Users have no choice. It is installed before they get it, and when they are issued the unit, they are given the opportunity to set the password (at least 8 digits). If they forget it, they are told, the HD is toast, and must be reformatted. (not really, there are admin PWs we can use, but that makes them MUCH more careful!) They are warned not to store data on the HD, cause if the OS develops a problem, all we'll do is reimage it. We use an elaborate VPN system, with tokens, to allow employees to remotely connect. They don't need to keep data locally, and it is discouraged. With our setup, a lost laptop is just a lost item; a thief would have to reformat the HD to use the laptop. Our data is not accessable.
Re:Deserve what they get? (Score:2)
Re:Deserve what they get? (Score:2)
Sort of - he was allowed to resign. After the dingus who took the computer home was fired.
-h-
Re:The problem isn't telecommuting (Score:2, Interesting)
Re:The problem isn't telecommuting (Score:2)
We use CNB and I like it, you can defer the backup &&|| force it at a certain time (like lunch
-nB
Re:The problem isn't telecommuting (Score:2)
The hard part is files that are open all the time (such as Outlook PSTs). Mostly, we rely on a batch file that zips them up after log
Re:The problem isn't telecommuting (Score:2, Informative)
If the data needed to be on a laptop, why wasn't it encrypted?
There's absolutely no reason why a laptop cant be set up to
have the entire home partion set up to autoencrypt and decrypt.
Users without proper login credentials wouldn't then be able to
access the data (assuming proper encryption algorithms are used).
Again policies that clearly define what information can leave the
office and in what form need to exist in parallel with smart
use of security technologies.
Unfortunat
Re:The problem isn't telecommuting (Score:3, Insightful)
One aspect I've really seen neglected is providing a decent communication infrastructure. Software people use shared whiteboards a lot, yet it doesn't occur to companies that their telecommuters need whiteboard software. And then there's teleconferencing: the last big meeting I went to was m
Re:The problem isn't telecommuting (Score:2)
Backlash for security? (Score:4, Insightful)
It's possible to set up secure connections between a telecommuter's computer and a secure server. Encrypted tunnels for VPN or something like that. Encrypt data on the laptop hard drive - if you even permit sensitive data to be stored there at all.
But until government and corporations are seriously committed to taking the measures necessary to keep private data secure, incidents like this will keep happening, whether it's due to a stolen telecommuting laptop or a server that gets broken into.
What finger pointing? (Score:4, Interesting)
There is none. (Score:3, Informative)
In reality, nobody is pointing fingers at telecommuters -- in fact, in the incidents that I've heard in the news lately, there wasn't any real "telecommuting" going on. Somebody just copied an assload of data off of the server to their local machine, and then took the machine home with them. I'd call that 'working from home,' not 'telecommuting.' And the copying of the data onto the local machine was just inappropriate to begin with. That's mostly a user
the article says it all! (Score:5, Insightful)
On what grounds are you going to detract from telecommuting in that statement? Every worker I know a)has a latop and b)moves it around. I don't think any of us would call ourselves telecommuters in any sense of the word. The fact we take work home, on 'theivable' media isn't an argument against telecommuting, it's an argument for us not taking work home!
I know there are telecommuters on
The next question for me is, who is this backlash against?
Re:the article says it all! (Score:3, Insightful)
Of course the pay wasn't great and the work wasn't interesting, but my evenings and weekends were my own...
Re:the article says it all! (Score:2)
everybody? (Score:3, Interesting)
Telecommuting (Score:5, Insightful)
In my last job I telecommuted for a good 3-5 months until I left. The company had excellent policies and security. There wasn't a single reported incident of data theft from our division in the two-and-a-half years I was there. I was definitely more productive, and I was also better able to plan around illness, holidays, and emegencies.
It's all about good policy. A company without telecommuters is still insecure if it has a crap IT Risk policy.
Re:Telecommuting (Score:2)
The company I work for has a policy of no source code on a laptop -- ever. Instead we keep our code on an encrypted USB thumbdrive (of course thumbdrives aren't allowed at some companies).
Keeping sensitive information on a True Crypt volume is still pretty convenient, and if the laptop is stolen the data stays secure.
Hey IT Managers: True Crypt is your friend...
VPN in / Tunnel in.. use Treminal Servers!!! (Score:3, Insightful)
It can happen in an office building to (Score:5, Insightful)
Re:It can happen in an office building to (Score:2)
Which comes back to your home being more secure, you don't just randomly let strangers wander in, and unless you have tons of parties, you usually have a pretty good mental log of who has entered recently.
The best defense still ends up being encryption. The data on a laptop cannot do harm if it reads like gibberish.
"Hmm... it seems that @VA()#$aSD on !@$%ERFG street has AXPMD%CL# as his
The real problem (Score:3, Funny)
Re:The real problem (Score:2)
Re:The real problem (Score:2)
So you lock them up in a playpen with some kibble and hose them down once a day?
Re:The real problem (Score:2)
Re:The real problem (Score:3, Funny)
Re:The real problem (Score:2)
hogwash! That is a security issue, not slave issue (Score:3, Insightful)
I telecommute from around the world and work directly off machines via SSH, so even if my laptop is stolen, nothing confidential or work-related can be compromised.
Of coarse, if you're IT/Network security policies allow telecommuters to actually work ON their own hd's, then that is your fault for having a flawed IT/Network security policy.
Either way, this is FUD for anti-telecommutism.
Re:hogwash! That is a security issue, not slave is (Score:2, Insightful)
security issues aside... (Score:5, Insightful)
Re:security issues aside... (Score:2)
Re:security issues aside... (Score:5, Insightful)
Anyway, I think the best thing is a good mix of tele and in the office work. For me, I like to tele in the morning from home where I have my dual monitors, my espresso maker, my clean air, etc. It allows me to work solid in the morning right after getting up until I start to lose focus. I'm usually at my highest focus right after waking up. If I waste that time showering and driving, I'll just sit around at work.
So I work in the morning from home and when the focus starts to fade I save all and sync up, and then go shower and commute. I spend about the same amount of hours working but FEWER hours in the car, etc. becuase the traffic is lighter at 10:30 than at 7:30. Plus there's fuel savings, etc. And I don't have to go in every day--sometimes you get on a roll and don't need to go to the office to stay motivated to work.
There are some jobs that need you to be there: anything physical obviously (factory worker, garbageman, etc.). In my opinion, most meetings are bullshit though. Sending an email is usually enough to get it across. But I think some people need meetings to make them feel like they are part of a family. I'm like a hitman, a contractor, BOFH style, so I just do what I do.
What really bugs me is when I get PICNIC calls from the office (usually the same couple of people) who demand I come in and make their computer run faster or reconnect the cable they kicked out of the wall. Oh well, I bill extra for those.
Re:security issues aside... (Score:2)
I assume you are single - and planning to remain so.
Re:security issues aside... (Score:2)
Well, the guy I report to (on the current day job) is hundreds of miles away, and I see him maybe twice a year. Once-a-week status calls, plenty of e-mail, and as-needed project chats... but essentially no normal "bonding" face-time. My closest co-worker/counterpart is a thousand miles away in the other direction, and while we work on the same issues and share lots of information and talk most w
Re:security issues aside... (Score:3, Interesting)
I think it's got more to do with the people involved. I've
Re:security issues aside... (Score:2)
Although I heartily agree, I'm guessing that some of the Slashdot stereotypes who don't leave their mothers' basements except under cover of darkness may not be sympathetic to what I perceive as the advantages of working with colleagues face to face.
Re:security issues aside... (Score:2)
Frankly, some of them get away with so much slacking in the office, under the noses of their managers, it's a wonder how they get away with it.
Re:security issues aside... (Score:4, Interesting)
Questioning a basic assumptions (Score:4, Insightful)
Re:Questioning a basic assumptions (Score:4, Insightful)
Face-to-face can be a big waste of time. Meetings, water cooler chat, and so on tend to be more exercises in shoulder rubbing than productivity. They may increase or decrease employees' effectiveness.
I totally agree that high-tech tools are a waste of time. Email is great when the rubber hits the road, phone calls are fine for brainstorming, and conference calls with a shared spreadsheet or ppt presentation or whatever are just fine for meetings.
The real issue with telecommuting is the tendency -- perceived or real -- to goof off. So I guess if you're running a sweatshop, it is bad; if you're running an operation with employees who are mature and motivated to see the operation succeed, telecommuting can be good.
Re:Questioning a basic assumptions (Score:2)
I don't see anyone claiming that telecommuting is a good option
Re:Questioning a basic assumptions (Score:3, Interesting)
Telecommuting is a cornerstone of geek culture... (Score:5, Funny)
Comment removed (Score:4, Insightful)
Re:Oh yeah, the VA loss was just an accident... (Score:5, Informative)
Insightful, eh? How about "uninformed".
From MSNBC [msn.com]: So no, this wasn't just "dumb luck". It was an accident waiting to happen.
Giving up on telecommuting (Score:5, Interesting)
People are resistant on working in ways to accomodate telelcommuting. People will wait for me to visit the office..even if thats many weeks - rather than pick up the phone.
I also find that when people want to play politics - you are at a severe disadvantage when telecomuting.
Every time management changes you have to reconvince them its viable and I have decided over all that
Thats despite the fact that I work in an IT department for a large vibrant and successful company that prides itself on its forward thinking.
So after 5 years - Im giving up - not for technical reasons.. which I have been able to manage one way or another - but because the culture - even in IT is just not accepting of telecommuters and in fact disdvantages them.
Not an excuse to take private customer info home (Score:4, Insightful)
Telecommuting is not a slam dunk (Score:4, Insightful)
Re:Telecommuting is not a slam dunk (Score:3, Interesting)
As a telecommuter working for an organization composed largely of telecommuters, I can safely say it's not for everyone. But at the same time... disgusting, Office Space-esque cubicle culture... that's not for everyone either.
I live a thousand miles away from any of my co-workers. I've never met anyone in my company. We communicate by phone, by email, by IM... and
If you can telecommute... (Score:2, Insightful)
my company is safe: telecommuting is banned (Score:2, Interesting)
Some people got fired and management adopted a very strong but unwritten policy that telecommuting was completely disallowed. The telecommuting fallout had happened a couple years before I started working there but management was stil upset by the time I was hired. I learned the hard way when I had to come to work three times in the middle of an ic
"Telework" is entirely implicated in the VA case (Score:5, Insightful)
Telecommuting has drawbacks. The number one issue is that the home is not usually a good environment for work. This includes issues of safety and data security. Operations are at risk if you do not take sufficient precautions.
One interesting solution to this is thin client computing. I've experimented with Sun Ray thin clients [sun.com] that connect over a broadband connection back to a server. No data is stored on the thin client. All it really transmits is pixels and keyboard and mouse clicks (encrypted, too). That's the right way to approach this. Never store data away from the people paid to protect it (then make sure those people do a good job).
Re:"Telework" is entirely implicated in the VA cas (Score:2, Interesting)
"Encryption", as such, consisted of mixing-up the data lines on the parallel-side(s) of the UARTs (8!=40320, back then they thought _that_ was hot sh*t; but I thought that was a pain in th
Think of the rainforest (Score:5, Interesting)
Because (Score:2)
POST-time disk encryption (Score:2)
Let me put that another way: demanding application-level encryption just for the telecommuters is a non-starter. It adds too much to the cost of doing business. It won't happen.
The alternative would be encryption activated at the BIOS POST. The BIOS' already have an setting to require a password there, but its doesn't really do anything. So, ma
We'll show those telecommuters...OFFSHORE!!! (Score:3, Insightful)
So those uppity geeks think they can sit at home on their tender pimpled asses and draw a paycheck ? Taking our sensitive data home ? Workin in pajamas ? We'll show 'em! We'll send our data and IP to the other side of the planet to folks we've never met, where our laws don't mean squat...and we'll save massive bucks to boot! Yep, that'll larn 'em...
</irony>
This is not about telecommuting (Score:4, Insightful)
It's about walking around, in any circumstance, with megs of sensitive information on a portable device that isn't encrypted. Whether it's a desktop, laptop, USB device, external hard drive, PDA, cell phone or iPod. It's really about non-existent data security policies, data security audits of vendors handling sensitive customer and employee data and, above all, it's about no accountability in government or private industry for mishandling sensitive information.
When companies are liable for millions in damages for lost privacy act data, you'll see change bordering on a religious revival. Until then, it's just the masses whining.
Use the BUILT IN stuff in your laptop (Score:4, Informative)
What I don't understand is why people are not the built in features of laptops - ANY NEWER Laptops have a Power on password. Many newer ones even have HARD DRIVE passwords (so you can't swap out the drive to use it on another PC). Some even are coming with THUMB readers. Prevent thiefs - ALL laptops have docking stations or cable slots where it can be LOCKED down. If not locked down and not in use then put it in to a LOCKED cabinet. Also to NOT have it in the open cab of car (put it in the trunk - for the smash grab and dash thiefs) - also not good if it hits you in the back of the head in an accident..... Use a BREIFCASE or BACKPACK or CARYBAG that does not scream "I GOT A LAPTOP FOR YOU TO STEAL!" (these are all actual policies where I work).
Also you can secure your Email by always accessed it via VPN and by using IMAP based or HTTPS web based (and/or require RSA token access). Any Local "copy" in the email client is encrypted (We use PGP? or such). I don't telecommute - but I personally only use IMAP (when at work) or WEB BASED email clients (ie: Squirrelmail and such) for the last 12+ years. No chance if SOMEONE steals my PC and tries to look at my MAIL - I don't even have a PC based mail client (no spam bot using POP3 on MY email account - unless they use there own client-but then I have that port BLOCKED on my personal firewall). In 12 years I have not got infected by even ONE virus by email (I get a "hit" every couple of weeks with one - but getting fewer)...My ex-wife however insist on using a pop3 client and has gotten infected many times.
Also setup most business applications such they can be used via VPN and a local client or has a web based interface and/or Citrix/Termial Services or VMWare or such. Also provide Backup space on their servers for your "EXCEL" and "WORD" type of documents. A hot sync Software tool make this easy.
One big thing is adopting a software policy - ONLY install APPROVED software on any BUSINESS PC - no personal software or "free downloads" or demos. As well only approved "accessories" may be attached/used (ie: Thumb Drives and External drives etc). And by approved - I mean not by some "know nothing" boss or supervisor - but approved by IT and/or management who is in touch with what is acceptable and is safe to use. After all this is not your personal PC but own by your employer's. (like the "scattered" or "found" USB drives that was used at one BANK location - most was picked and pluged into the BANKS PCs by there own employees.)
Where I work they also PUSH all virus/spam/firewall and security fixes so your always up to date. They also adopted a PASSWORD policy where you have to change password often and not duplicated etc....
With a GOOD policy and ENFORCING it to protect everyone's butt and with a bit of free software and/or a bit of spending of money/time - a Stolen Laptop could means little to NOTHING in impacting a business - with the biggest being the replacement cost of the laptop and going though and wiping out and resetting any and all of the user's passwords (in case people "keep" a list of passwords on the PC or use "auto complete" or other password reminder tools....) and yes I now there is secure "password" tools out there that would be hard to defeat - at lease before they able to crack/hack it to it - you should have all you password reset.
A stolen laptop that causes problems for a business - they had set them selves up for failure to begin with - however the one of the WEEKEST parts is the employee them selves. It costs very little to make a POLICY, and to make minor changes in how people use there PC. Just remember to enforce it (MANUALLY spot checking if you have to - even "leak" out a rumor that it will happen before you do - I can just hear the hard drives going crazy when that gets around....), if you don't - a policy on paper means zilch (nothing) if people are not following it.
The guy wasn't even supose to have the data (Score:2, Informative)
Oh well. (Score:3, Interesting)
Maybe I should force feed some of these articles to my boss.
Teaching middle management is futile (Score:2)
Just shoot them and put them out of misery. It's more mercyful.
Outsourcing services (Score:3, Insightful)
In other words, anything that can be done remotelly is just as suitable for telecommuting as it is for outsourcing, since in it's simplest form outsourcing is just having your workers telecommute from a far place.
The point here is that anything that does not require the worker to be physically onsite always or often will end up being outsourced and that the great telecommuting revolution that some still seem to expecting has already been overtaken by the even greater outsourcing revolution - forget about working from a paradisian island for western wages, at this point the best one can aim for is telecommuting a couple of days a week.
The problem is often bad telecommuters. (Score:4, Insightful)
I've had several jobs now where telecommuting wasn't allowed at all, by company policy.
Every once in a while I would have an "emergency," like a repair on the house, or a delivery of furniture, or whatever, and I would tell my boss that I would have to be at home, but that I would still be working. One time it was a Unix admin position, so it could be done from anywhere, especially since many of the servers were colocated or managed. Another time it was doing technical support for java deveopment teams for a major Swiss bank.
So you tell your boss that you can't be in the office anyway, so you'll do some work from home. Then, while you're home, kick ass. Get tons of stuff done. Most people in an office kick back and do the minimum amount of required work, so it isn't hard to show how productive you can be when working from home. Do it off and on, maybe when you're sick, maybe when you have a child emergency, whatever, but if you can come up with a legitimate excuse to be home, take it, and work your ass off.
A lot of times your manager will see that you're a very productive worker, and through some simple tactics you can work out a situation where you can increasingly avoid having to commute. I had an hour and a half train commute each way to the swiss bank gig, so it was worth doing some extra work to be able to sleep an extra hour and a half on occasion, and even if I worked an extra half hour at night, I was still done with work and home an hour earlier.
Re:When will managers realize that you laptops ==e (Score:2)
Now now (Score:2)