this post was submitted on 22 Aug 2023
349 points (96.0% liked)
Work Reform
9833 readers
475 users here now
A place to discuss positive changes that can make work more equitable, and to vent about current practices. We are NOT against work; we just want the fruits of our labor to be recognized better.
Our Philosophies:
- All workers must be paid a living wage for their labor.
- Income inequality is the main cause of lower living standards.
- Workers must join together and fight back for what is rightfully theirs.
- We must not be divided and conquered. Workers gain the most when they focus on unifying issues.
Our Goals
- Higher wages for underpaid workers.
- Better worker representation, including but not limited to unions.
- Better and fewer working hours.
- Stimulating a massive wave of worker organizing in the United States and beyond.
- Organizing and supporting political causes and campaigns that put workers first.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
There are no arguments for returning to the office that make sense. People who argue against remote work are historical artefacts from a bygone age.
Security is definitely a legitimate argument for some companies. The average home network is nowhere near as secure as an enterprise network and BYOD is not nearly as secure as the systems setup and managed by your organization.
Edit: Everyone saying "use a VPN that's how you secure your home" needs to do more research. I have a comment below explaining how just using a VPN doesn't make you safe.
I doubt it. The home network does not need to be secure. That is why you have VPNs and other such technology.
Some networks are not accessible via vpn.
In those cases it's justifiable to have to work in-person. I don't think we'd want closed networks (presumably for stuff like nuclear power) exposed to the open internet.
True, but that won’t be most of the work force. There will always be exceptions for security/defense and some other areas. I suspect those areas already had a process for monitoring the comings and goings of staff and any off-site work. I also suspect the amount of off-site work was limited to begin with if it impacted security/defense.
Those networks are also not accessible from home networks, then. That is to say it's a valid point regarding each industry and company having different constraints, but it's not a concern over the security of home networks. If home/remote network security is ever the limiting concern, that can be mitigated by VPN.
The issue of using a work device outside of the office is if you ever connect it to your home network off of the VPN, then there is a chance the device is compromised. A malicious actor could have targeted you because they want to gain access to your company and they saw on your LinkedIn that you work remotely. So they simply use some OSINT to find your address, run a geo search on shodan and wiggle to identify your homes IP, then use that as an entry point to compromise your router and wait for your device to connect to continue the attack. This may sound complicated or a lot of work but this is actually quite simple to do and takes only 10 - 15 minutes.
It's also about physical security, protecting access to your work laptop and protecting IP. That VPN is completely useless if someone can get into your home and access your device. It's way easier to get into someone's home than into a properly secured office.
That's also why you encrypt your drives. The average enterprise figured out how to let somebody work from an airport long ago. It's really not a huge deal.
Having implemented this sort of stuff for the mind if companies you probably think of when you're thinking of enterprise... You're making a mountain out of a molehill.
The use of a VPN to secure data in transit and the use of strong encryption on the device, endpoint protection and management features, along with good password security make it easy for any organisation not dealing with literal SECRET or TOP SECRET information to enable remote with.
If you use vdi that runs on a corporate thin client security is basically a non-issue. Data never leaves the data center and so long as you harden the thin client it should be difficult to breach it.
It's also about physical security, protecting access to your work laptop and protecting IP. That VPN is completely useless if someone can get into your home and access your device. It's way easier to get into someone's home than into a properly secured office.
Right... that's why you would use a VDI. There's nothing local except a thin client that runs your citrix/vmware/whatever client. There's a reason that VDI is generally used for PCI-compliant business cases but VPN is not.
I'm okay with people returning to office. But forcing it down people's throats when remote working has been working for the past few years is NOT okay. Fuck these out of touch companies and executives. I would rather quit than bend to their bullshit.
Well to be fair I wouldn't categorize the entire banking industry and investment capitalists who have over a trillion dollars in commercial mortgage backed real estate collateralized debt obligations invested in those office buildings as being from a bygone era.
TLDR It's 2008 all over again. They bundled up commercial mortgages into securities that blackrock etc are heavily invested in. They are over leveraged because over the counter swaps still don't require verified money in the bank to cover losses. If people are not forced to return they know the real estate market will implode and take Citibank Morgan Stanley etc with it