When users take laptops out of the office and connect them to the Internet, they do so without any of the firewall, virus-screening, or other protections built into your corporate infrastructure. I recommend that you configure laptops that communicate remotely to come through a VPN in the corporate network whenever they use Internet resources, even though the laptop may not perform as quickly if you do so. Without this protection, it's relatively simple for a user to pick up a virus or worm on the laptop when connecting remotely and then spread it through your corporate network when they connect locally. Consider turning off all access to IM clients or newsgroups
Many companies have removed IM access, though I think the potential benefit of using instant messaging and newsgroups outweighs the risk as long as you advise your users not to accept attachments from strangers in online chat systems and to avoid downloading files from public newsgroups. Vendor newsgroups are a different matter, however, since vendors do a good job of policing their own news servers and keeping dangerous files from being posted. Security is a full-time job
Most companies want the benefits of giving their customers, employees, and partners 24/7 access to systems by using the Internet as their communications backbone. But one of the things most often overlooked by the CIOs who want this capability is the responsibility of policing systems and connections on a 24/7 basis. If you expect your IT managers to invest the time required to keep your systems safe and connected, you must be willing to invest the money and other resources to help them do so.
For a weekly round-up of the enterprise IT news, sign up for the
Enterpise newsletter. Find out what's where in the new Tech Update with our
Guided Tour. Tell us what you think in the
Enterprise Mailroom.
Enterpise newsletter. Find out what's where in the new Tech Update with our
Guided Tour. Tell us what you think in the
Enterprise Mailroom.
