Secure the telecommuter's office sensibly and easily
InfoWorld -
Distributed organizations, telecommuting, working from home -- no matter how you slice it, the home office represents one of the biggest security headaches IT departments must face. Companies are finding that it's one thing to protect systems in-house and another thing altogether to enforce standards in the spare bedroom. There's no hard-and-fast solution that will work for everyone, but by taking elementary precautions, businesses can save themselves a lot of headaches on the home front.
Some well-heeled companies may take the maximalist approach by restricting remote employees to using only company-owned PCs for accessing company-provided broadband services. Often, these devices have their configurations locked down with little difference from PCs in the company offices. This works to some extent when you have a well-defined and well-funded telecommuting program. Unfortunately, many companies haven't chosen that path.
In many cases, telecommuting policies are ad hoc, set up on a case-by-case basis. The employee, rather than the business, may make the arrangements and thus has a sense of ownership. Too often, we see home workers treated with an attitude of "You're on your own." It's understandable to expect a telecommuter to be able to handle basic systems maintenance, but not everyone has the time to become his own security expert. The result, as we've seen many times over, is a security breach.
Although the maximalist approach solves some of the biggest home-worker support issues, such as determining who is responsible for maintenance and upgrades, it often ignores the security weaknesses that exist in today's broadband networking options. A big problem is the built-in networking of Windows systems. Notwithstanding the known vulnerabilities of NetBIOS and the various LAN Manager and Windows security schemes, there's a bigger issue: When millions of machines have been configured to the same default settings, it should come as no surprise when someone in Peoria finds his system being probed by someone using a computer in Norway.
The emerging personal firewall software market offers several products that address networking vulnerabilities at the desktop level. Leading vendors in this space include Network ICE Corp. (acquired by Internet Security Systems Inc. in Atlanta), Sygate Technologies Inc. in Fremont, Calif., and Zone Labs Inc. in San Francisco, as well as more familiar companies such as McAfee.com Corp. in Sunnyvale, Calif., and Symantec Corp. in Cupertino, Calif. Good desktop firewalls can be had for free, but most commercial packages cost $40 to $60, and they sometimes include antivirus capabilities.
These desktop firewalls are a good first step but hardly a complete solution, because they
Reprinted with permission from
Story copyright 2006 InfoWorld Media Group, Inc. All rights reserved.
Networking
Additional Resources



White Papers & Webcasts
Death to PST Files
Download Now
Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!
A Green Architectural Strategy That Puts IT in the Black
Levergage green computing across your data center. Read more now.
Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.
Quantifying the Business Value of VMware View
Learn why you should invest in a centralized virtual desktop.
WAN Optimization as a Managed Service: More than Network Cost Savings
View this Webcast Now!
Forrester Consulting Mobility Study: Taking Control of Enterprise Mobile Device Diversity
Download Now
Asia-Pacific Enterprise Network Solutions
Learn through this Webcast how your business can achieve reliability, performance and value in hard-to-reach locations within the Asia-Pacific region.
What IT Must Do to Support Employee-Owned BlackBerry, iPhone and Android Mobile Devices
Download Now
Mainsoft Webcast w/ Forrester Research: Drive SharePoint Adoption in Lotus Notes Shops
How can you drive mainstream user adoption of Microsoft SharePoint when your users rely on Lotus Notes?

