We use RDP which is Internet accessible with DUO Multi Factor Authentication.
It is good advice below to not avail RDP or any VDI solution to the Internet
without a secondary authentication process being employed.
Regards, Peter
Peter R. Sebilian
CIO
AAFCPAs
50 Washington Street
Westborough, MA 01581
d. 774.512.4183 | m. 617.999.3850
psebilian@xxxxxxxxxx
How can you assess your organization's exposure to technology security risks?
This message is intended only for the person or entity to which it is addressed
and may contain confidential and/or privileged material. No confidentiality or
privilege is waived or lost by any mistransmission. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance upon, this
information by persons or entities other than the intended recipient is
prohibited. If you received this in error, please contact the sender and delete
the material from any computer. Alexander, Aronson, Finning & Co (AAFCPAs)
reserves the right to monitor all e-mail communications through its networks.
Any views expressed in this message are those of the individual sender, except
where the message states otherwise and the sender is authorized to state them
to be the views of AAFCPAs.
From: cpageeks-bounce@xxxxxxxxxxxxx <cpageeks-bounce@xxxxxxxxxxxxx> On Behalf
Of Ken Pyle
Sent: Thursday, September 12, 2019 11:56 AM
To: cpageeks@xxxxxxxxxxxxx
Subject: [CPAGeeks] Re: Work From Home / Remote Policy
Do NOT, under any circumstances, make RDP directly available to the internet.
You should shield these services behind a VPN.
Providing direct internet access to firm desktops / VDI is begging to get
hacked.
On Thu, Sep 12, 2019 at 10:57 AM Roger Vega <rvega@xxxxxxxxxxxxxxxxxxx> wrote:
What type of virtual solution do you have
* RDP or
* VDI
I currently have a challenge with my staff that work out at client sites. The
connection is sometimes not the best at the client’s connection or they block
access to our VDI connection.
We use Verizon MiFis as a backup solution but they sometimes have limited
connection as well. How are you mitigating these kinds of situations?
BR, Roger
From: cpageeks-bounce@xxxxxxxxxxxxx <cpageeks-bounce@xxxxxxxxxxxxx> On Behalf
Of Peter R. Sebilian
Sent: September 12, 2019 5:43 AM
To: cpageeks@xxxxxxxxxxxxx
Subject: [CPAGeeks] Re: Work From Home / Remote Policy
I have been reading this thread with some amount of amusement as the perception
is “working from home” is an earned privilege and something that apparently is
not really fully supported by some firms. The below points are our approach at
AAFCPAs. We have ~225 people across a dozen service offerings. Many of our
community work from client sites in addition to home office / virtual locations
as a standard course of business.
* We have a remote work strategy defined, encouraged, and facilitated
through technologies. The primary goals of this strategy are to reduce
non-value-added travel, improve flexibility, and influence employee work
experience and ultimately retention.
* We offer home office configurations consistent with what we provide in
office when requested (2 displays, display stand, mini docking station) to
facilitate a consistent work experience between home and office. These setups
cost $400, remain the property of the firm and result in improved efficiency
for the user, and simplified support for the IT group.
* We use collaborative technologies (MS Teams / Skype / Audio bridges) to
remove the distance divide allowing managers to be confident their teams are
actively working and are reachable.
* Where people work in groups, we encourage the minimum number of people
travel to client to facilitate and perform the work. Everyone else works from
anywhere else.
* We focus on work product performance and quality, not where that work is
done.
* The results (good or not good) are evident in the client satisfaction
and $$ margin derived from the work.
* We believe this flexibility allows us to improve the overall work
experience and satisfaction for our community.
Regards, Peter
Peter R. Sebilian
CIO
AAFCPAs
From: cpageeks-bounce@xxxxxxxxxxxxx <cpageeks-bounce@xxxxxxxxxxxxx> On Behalf
Of John Wehmeyer
Sent: Tuesday, September 10, 2019 11:51 AM
To: cpageeks@xxxxxxxxxxxxx
Subject: [CPAGeeks] Re: Work From Home / Remote Policy
Hi All,
Looks like this is a topic we all have great interest in and need additional
information. We are in the process of adding better documentation to our
policy so I thought I would include some of the items we are discussing
internally and provide our guidelines (highlighted in yellow) that we have in
place currently.
Please share your information to these questions with the group by replacing the
text highlighted in yellow with what you are doing at your Firm. Feel free to
add on additional questions/points for the group to consider.
1. Who is eligible for working at home/remotely?
   * Senior, Manager, Director & Partners are able to work remotely
2. Are Non-Exempt employees eligible to work remotely?
   * Generally only Exempt employees are eligible. We do have some specific
     short-term cases for non-exempt employees
3. Do you have a minimum amount of time the employee must be employed with
   the Firm before eligibility?
   * Undetermined at this point
4. Is the Firm or Employee responsible for supplying the hardware needed for
   a home office?
   * The Firm will supply a laptop with the employee being responsible for
     purchasing docking station, monitor, printer/scanner, internet service, etc.
5. Do you have metrics for ensuring the remote employee is working at the
   same efficiency level as when they were in the office?
   * We do not have specific metrics but the employee is still required to
     maintain their monthly Charge & Non-Charge hours
6. Who gives final approval for working remotely?
   * Can be the Managing Partner, Director of Administration or HR Manager
7. Can the remote employee hold client meetings at their remote working
   location?
   * Undetermined at this point
8. Other points/thoughts to include in a remote working agreement
   * Employee agrees to attend job related meetings, trainings,
     conferences, client meetings, etc. as requested by Partners or Management
   * Employee agrees to be reachable/responsive during business operating
     hours
   * Employee will notify their team, HR, etc. if they are calling in sick
   * The Firm is not responsible for injuries to family, friends, visitors
     at the remote work location
   * Employee is responsible for maintaining confidentiality of all their
     login credentials, keep laptop secure at all times and locked when not in use
     i. Employee must notify HR & IT immediately if there is a theft/loss,
        use by unauthorized person(s), virus, etc.
   * Employee & Firm both sign the Remote Working Agreement
   * The Employee Handbook guidelines still apply to the employee
Thank you,
John S. Wehmeyer | Lindsay & Brownell, LLP
Director of Administration
4225 Executive Square, Suite 1150
La Jolla, California 92037
Telephone 858.558.9200
Facsimile 858.558.8225
www.lindsayandbrownell.com
BeachFleischman
1985 E. River Rd, Suite 201
Tucson, AZ 85718-7176
520.321.4600
2201 E. Camelback Rd., Suite 200
Phoenix, AZ 85016-3431
602.265.7011
beachfleischman.com
--
Ken Pyle
CISSP, HCISPP, ECSAv8, CEHv8, OSCP, OSWP, EnCE, Sec+
DFDR Consulting LLC
Digital Forensics, Incident Response, Cyber Security
Phone: 267-540-3337 Ext: 101
Email: kwp@xxxxxxxxxxxxxxxxxx
Headquarters:
690 Sugartown Rd
Suite WH-201
Malvern, PA 19355