A new survey shows that the vast majority of senior executives say would’ve approached their return-to-work push “differently.”
A new survey shows that the vast majority of senior executives say would’ve approached their return-to-work push “differently.”
Security is definitely a legitimate argument for some companies. The average home network is nowhere near as secure as an enterprise network and BYOD is not nearly as secure as the systems setup and managed by your organization.
Edit: Everyone saying “use a VPN that’s how you secure your home” needs to do more research. I have a comment below explaining how just using a VPN doesn’t make you safe.
I doubt it. The home network does not need to be secure. That is why you have VPNs and other such technology.
It’s also about physical security, protecting access to your work laptop and protecting IP. That VPN is completely useless if someone can get into your home and access your device. It’s way easier to get into someone’s home than into a properly secured office.
That’s also why you encrypt your drives. The average enterprise figured out how to let somebody work from an airport long ago. It’s really not a huge deal.
Ever hear of a VPN? This is pretty standard “security” for most Fortune 500s. Home network can be a Starbucks WiFi, but unless you have the decryption keys you are not going to be able to intercept the traffic tunneled through a VPN.
It’s not just network security though, that was just one example I used. Another is protecting company IP. They could be working from home and a neighbor peek through the window and see what you’re working on. Also that VPN isn’t worth a damn if someone can get into your home and gain physical access to your device. Sure they could also break into an office, but offices usually have a security system with alarms, cameras, and sensors. They also usually have stronger doors and locks. Security is absolutely a valid reason to return to the office. I work in cybersecurity for the record and this is an actual reason being pushed for a return to the office.
If you use vdi that runs on a corporate thin client security is basically a non-issue. Data never leaves the data center and so long as you harden the thin client it should be difficult to breach it.
It’s also about physical security, protecting access to your work laptop and protecting IP. That VPN is completely useless if someone can get into your home and access your device. It’s way easier to get into someone’s home than into a properly secured office.
Having implemented this sort of stuff for the mind if companies you probably think of when you’re thinking of enterprise… You’re making a mountain out of a molehill.
The use of a VPN to secure data in transit and the use of strong encryption on the device, endpoint protection and management features, along with good password security make it easy for any organisation not dealing with literal SECRET or TOP SECRET information to enable remote with.
Even the government has capitulated to the idea that devices themselves should be secure:
https://csrc.nist.gov/pubs/sp/800/207/final
If you can deal in government data on your laptop at a starbucks, we most certainly can work at home behind locked doors in our own offices with anything equivalent.
See my other comment. It’s also about physical security, protecting access to your work laptop and protecting IP. That VPN is completely useless if someone can get into your home and access your device. It’s way easier to get into someone’s home than into a properly secured office.
No. Even that is incorrect.
You are 4 nodes deeper in OSS intel required, (isemployee->hasaccess?->homeaddress->break in)
I also know there are only 2 people with keys to my home, the hours of operation are limited, and there are no 3rd parties with unrestricted physical access (maintenance, physical security, janitorial services.)
The only difference in person provides is a record of access, cameras and access control systems etc.
My home also has this record of access and if requested can be provided. Most folks have egress cameras nowadays too.
deleted by creator