• gencha@lemm.ee
    link
    fedilink
    English
    arrow-up
    6
    ·
    3 months ago

    I really love to work from home. But I also understand IT security is dramatically complicated by user’s working on their private network connection or even private client devices. Teamwork also suffers noticably in some professions.

    • Encrypt-Keeper@lemmy.world
      link
      fedilink
      English
      arrow-up
      39
      ·
      3 months ago

      But I also understand IT security is dramatically complicated by user’s working on their private network connection.

      It really isn’t.

        • Squizzy@lemmy.world
          link
          fedilink
          English
          arrow-up
          32
          ·
          3 months ago

          I work in telecomms, major strategic projects. I dont have an office to return to, for 9 years I have had no office. My computer can be wiped remotely amd requires 2fa to connect to the vpn.

          We have never had a security incident that wasnt someone’s laptop being stolen.

          Dont boot lick. This is not rocket science.

          • gencha@lemm.ee
            link
            fedilink
            English
            arrow-up
            2
            ·
            3 months ago

            So how did those laptops get stolen? Would that have been possible if their users worked on a local client at the office?

            Rocket science is a fucking joke compared to secure IT practices. You saying that, proves that you know neither well enough to participate in this discourse. Most users would operate more securely if their client device was also physically restricted. If you don’t understand that, that’s the reason you are not making decisions. I’m sorry to be so blunt.

            There are highly capable technical people that can securely work from home, but this is not the average user. If you don’t recognize that, you are probably just cheering for your own personal comfort right now. I get comfort, but don’t be blind to reality

            • Encrypt-Keeper@lemmy.world
              link
              fedilink
              English
              arrow-up
              12
              ·
              edit-2
              3 months ago

              So how did those laptops get stolen? Would that have been possible if their users worked on a local client at the office?

              Yes laptops can be stolen from offices. It would be pretty trivial to do so in fact in most cases. In an all on site office it’d be a juicy target too because now all these laptops are in the same place.

              Rocket science is a fucking joke compared to secure IT practices. You saying that, proves that you know neither well enough to participate in this discourse.

              It is abundantly clear that you have little to no knowledge or experience in modern IT security practices. And before you ask, no, having watched Mr. Robot all the way through does not count.

              There are highly capable technical people that can securely work from home, but this is not the average user.

              You absolutely do not have to be highly technical to work securely from home. That’s just silly. You only need highly technical people to ensure the people who work from home can do so securely.

              • sugar_in_your_tea@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                2
                ·
                3 months ago

                pretty trivial to do so

                Yup. We have to “badge in” to our office, but the secretary will buzz you in if you ask nicely. Also, if you walk in with confidence as someone is entering/leaving, they’ll hold the door for you. Or go in around the EOD when the cleaning staff are there and they’ll let you in. All it takes is a very small amount of social engineering and you could steal a ton of stuff from my company.

                But most people don’t lose stuff like laptops at home or in their office, they lose them when traveling. Maybe you drop by a coffee shop on the way to work and someone filches your bag, or maybe you take a flight for work and someone swipes it while you’re throwing something in the trash. They’re not going to break into your home or your office, they’ll snatch it while you’re out in public and not paying particularly close attention.

            • Squizzy@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              3 months ago

              Lad just stop you are talking nonsense, everyone worked from home for 2 years and nothing happened

        • Encrypt-Keeper@lemmy.world
          link
          fedilink
          English
          arrow-up
          9
          ·
          edit-2
          3 months ago

          It’s the type of confidence that comes with years of experience in IT security and compliance for global enterprises.

          • gencha@lemm.ee
            link
            fedilink
            English
            arrow-up
            1
            ·
            3 months ago

            Likewise :) Sad to learn you are one of those that act confidentially while being blind. I’m the guy that cleans up after you.

            • Encrypt-Keeper@lemmy.world
              link
              fedilink
              English
              arrow-up
              5
              ·
              edit-2
              3 months ago

              Oh no you don’t, not likewise. There’s zero chance you have any real world experience under your belt, that much you’ve made very clear. You’ve already let it slip that you’re just a consultant lol. A glorified salesman playing around in SMB land no doubt. At best, maybe an old fart who actually dipped his toes into IT generalism two decades ago before getting out of the game and into consulting? I know the type lol.

              It’s probably best if you were to stay in your lane and let the professionals worry about security.

              • sugar_in_your_tea@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                5
                ·
                3 months ago

                Exactly. We use a VPN to connect to anything somewhat important, and anything truly important requires manual access and approvals. I’m in a pretty senior dev position, and if I lost my laptop:

                1. they’d have to break my password or biometric login (disk is encrypted) - with this they get access to most of our code, but no secrets
                2. they’d need to hack my phone to access any internal documentation or test environments due to 2FA
                3. they’d need to hack my password manager to access anything non-documentation - code repos, prod logs, etc
                4. they’d need to hack someone else’s machine to get access to actual prod data, which is probably what they really want

                And I’m not doing anything special here (and I’m certainly not a security professional), that’s everyone’s machines due to company policy. We also don’t handle anything particularly sensitive, the most sensitive thing I have is proprietary algorithms, and we’d sue anyone if we suspected they stole our code.

                Oh, and if they try to run something sus, it’ll send a report to our IT dept. I actually got contacted by our IT dept because I ran something unfamiliar (I really like my CLI tools), so they added an exception after personally verifying with me that it’s not a hack.

                We have teams across the globe, both inside the org and outside, and we haven’t had any issues with security, and we do regular audits. Our security team isn’t particularly special either, I’m sure many other companies have much tighter security than we do.

                  • gencha@lemm.ee
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    3 months ago

                    I rather let it stand for the handful of people that need to know 95% of the room are challenged in their ability to evaluate the situation

      • gencha@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        ·
        3 months ago

        Just because you can perform a job from home, doesn’t mean it’s ideal for performance. With jobs like surgeons or bus drivers it’s more obvious, but the cut is not as clear as people like it to be.

        I would hope it doesn’t take you long to imagine someone who has access to information about you where you would prefer it not be open on their laptop on their kitchen table at home while guests are around.

        I’m not trying to defend Amazon. This is an active subject at many companies.

        • Eximius@lemmy.world
          link
          fedilink
          English
          arrow-up
          11
          ·
          3 months ago

          Security starts at the developer, you have to be deluded to think otherwise.

          NDA, bulletproof’ed laptops, kernel-level-oversight, VPNs are just mitigations.

        • sunzu2@thebrainbin.org
          link
          fedilink
          arrow-up
          10
          ·
          3 months ago

          You are making up theoretical situations to shill your point…

          Why are you bootlickong this hard?

          If job requires in person, market it as such and hire as such. Pretending that 90% of paper pushers need office is disingenous at best

          • gencha@lemm.ee
            link
            fedilink
            English
            arrow-up
            3
            ·
            3 months ago

            I work in consulting. I don’t have to make up anything. Be angry, but some people are trying to play their role in capitalism successfully.

            • sunzu2@thebrainbin.org
              link
              fedilink
              arrow-up
              7
              ·
              3 months ago

              I work in consulting.

              Haha lol OK? Literally notorious bootlickers… I hope you are a partner. Because otherwise you are bootlicking for against yourself

              Be angry, but some people are trying to play their role in capitalism successfully.

              Yes everybody here who doesn’t agree with you is a poor entry level employee from a shiti state U.

              🤡🤡🤡

              • gencha@lemm.ee
                link
                fedilink
                English
                arrow-up
                2
                ·
                3 months ago

                I’m not talking about myself in your last quote. I consult clients on their operational and technological challenges. I see a lot. Of course, you might also consult similar amounts of clients and you can see that their largest deficit contributor is that people aren’t taking their work home, but that’s not what I’m getting from you.

                You just seem angry, because you can’t stomach that there are valid reasons for you to move out of your comfort zone. Sorry.

                • sunzu2@thebrainbin.org
                  link
                  fedilink
                  arrow-up
                  3
                  ·
                  3 months ago

                  You keep trying to make this about me?

                  Why?

                  We are talking a corporate policy…

                  Weird angle to argue.

                  Also tells me you have no point beyond shilling this.

        • corsicanguppy@lemmy.ca
          link
          fedilink
          English
          arrow-up
          2
          ·
          3 months ago

          Just because you can perform a job from home, doesn’t mean it’s ideal for performance. With

          You’re refuting an assertion made by NO one.

          No one said all jobs can be done remotely. When the site consolidated equipment or media somewhere, and there’s no way to manipulate stuff remotely then - of course - it’s not a remote capable job.

          We’re ignoring that buses are just big drones and surgery has been performed by servos or volunteers at the direction of a specialist far away. But you make a point, as has been made before, that a lever which cannot yet be pulled by a remote action needs an agile meatbag to do so.

          The point that has been made - oh god, thousands of times - is that jobs that can be remote, should be. And that egotistical managers needing to feel better by staring at asses in chairs all day and knowing they were forced there through threat of food insecurity, that’s not really a justification.

          Amazon’s demanded its devs come back into the office for no value, despite the personality type of those devs, an objective assessment of the workpace they’re forced into - toxic - and the need to live within commute range to get there, limiting housing options for the workers and severely limiting the talent pool for companies. These are people who can, would, will and did the same work better and happier in an environment of their choosing - be it central office or personal office. Now they have no choice but to bend to the will of their boomer-esque managers who forgot it’s not the 1900s anymore.

          For remote-capable jobs, the only reason workers need to take risks and spend more money to physically commute is purely and simply egos of bad managers.

          That’s it. The dead weight they need to shed was in the office the whole time.

          • gencha@lemm.ee
            link
            fedilink
            English
            arrow-up
            1
            ·
            3 months ago

            If you believe every developer at Amazon, including AWS, might as well permanently work from home, globally, then I just can’t take your opinion seriously. Sorry. All points have been made

    • corsicanguppy@lemmy.ca
      link
      fedilink
      English
      arrow-up
      4
      ·
      3 months ago

      I also understand IT security is dramatically complicated by user’s working on their private network connection or even private client devices.

      As otherwise mentioned, it’s actually straightforward.

      I work in the daytime on some pretty well-secured stuff; not “secret squirrel” but “people data” stuff. There’s a LOT of forms to sign, and they want to ensure you’re not working on a shared patio but in a real, dedicated office space that is ergonomically optimal and private, with a few other rules, but the effort that started as a panic on COVID day 1 proved workable and they’re going with it. They sold the offices in the dank ugly building. And this org is actually insanely cautious and works with cautious entities, and even they could work it.

      At night I work for a different company on different shipped gear… and a KVM switch to go from one set to the other. They’re all segregated and secure, and the night job I’ve had for 22 years with only two invites to fly down to the office for a visit in that time. Barbecues, actually.

      I have a lovely view of the river.

      It works. You have to be sensible and secure, and then you’re golden.

      • gencha@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 months ago

        I don’t even disagree with you. However…

        There are thousands of people at home with access to privileged information and they have never heard of a KVM switch. It’s insane how blind to reality some people here are. If you have never been in an online meeting where a participant had their camera off, mic on, was AFK, and their child fucked around on the laptop, because they never lock it, then you really have no fucking idea about security at scale.

        Just because some people here love to work from home, doesn’t mean it applies to an entire corporation as large as Amazon