Our company has reached the stage where some managers are starting
to want remote access to the network from the road and/or their house.
The obvious solution is to install a VPN, however they are insisting on
using their own equipment for cost/convenience reasons. Given that
several of these individuals are routinely infected, manage to delete
their own firewall software, etc. I'm not too excited about the
prospect of opening our network up that way.
My first response was to insist that they either use company
equipment, or have a second drive/partition set up by IT and used only
for work. This is not proving as easy, cheap or convenient as it needs
to be to convince them. At the moment we're deadlocked on
convenience/price vs. security.
One possiblity I've been thinking about is terminals. I won't be
able to control the OS of the users system, and it's most likely to be
some flavor of MS, even though we're heading towards a mixed environment
here at work. If a user opens up a remote terminal window on an
infected home machine, can the infection migrate from the host to the
terminal session? Are there any security implications here?
I'd like to solicit some additional opinions on options of how to
handle this situation. I'm in the research phase right now, so any and
all possible solutions are welcome.
-- Chris Berry chris_berry@xxxxxxxxxxxxxxxxx Information Advisory Manager JM Associates
