I’m a full-time network engineer, and as of my enrollment in this great community, I’ve been actively taking on more security related tasks for hardening our corporate network.
My current task involves hardening our mobile workforce with the least amount of workflow impediment inflicted on our employees.
The mobile workforce uses their laptops to access customer premise equipment which we have to assume is vulnerable and/or compromised.
When they are back at the office, these same machines need to access our corporate network for shared drives, hosted subscriber management software, etc.
My solution is to provide them with a stationary desktop for corporate access, and a laptop for external work that is blacklisted from the domain. One limitation, however, is the cost of an additional desktop for every user.
I’m curious to know how some of you might handle this sort of ‘mobile workforce’.
Any ideas? I think this will make for an interesting discussion at the very least. Thank you!