Telecommuter security kit

Please let others know how useful this tip is via the rating scale at the end of it. Do you have a useful Lotus Notes, Domino, Workplace or WebSphere tip or code snippet to share? Submit it to our tip contest and you could win a prize.

The number of businesses with employees that work at home has skyrocketed over the past few years, and each telecommuter has a unique set of support needs and desires. Most organizations give a handbook and kit to each user with reference information that can be used in the event of problems. But there are other things you might not think of that could be very helpful -- particularly from a security standpoint -- to give to your remote workers. Here are some suggestions:

A kit to combat spyware. The topic of spyware has become popular recently, and a lot of users may even ask you about your preferred procedures for keeping this malware off their machines. You should prepare a software-based kit, preferably on a small-sized USB thumb drive that the user can keep at his desk. The thumb drive could include AdAware, Spybot Search and Destroy or a licensed copy of your corporate spyware-prevention programs, along with a very obvious ReadMe file to guide users through downloading the latest signatures. This way, your remote users already have the necessary software at hand, and the less experienced ones require fewer minutes on the phone with your support people. And best of all, remote users who feel comfortable doing basic system cleaning can effectively remove spyware without tying up your help desk or their workday.

A guide to properly setting up the firewall on their perimeter device. Most remote users will probably have, or will be purchasing, a SOHO-oriented firewall/router device that connects their home networks (sometimes even a wireless network) with the broadband at their homes. Make sure they can configure it properly by providing them with a couple of pages, including screenshots, for the most common router models -- or the one you've standardized on if you have a lot of telecommuters. Help users secure the firewall and enable Wired Equivalent Privacy (WEP) if applicable. Make sure they open ports correctly if necessary and enable remote console access so you can help them if their router goes crazy. It happens. Don't forget that if corporate data resides at these users' houses, it's probably still your responsibility to make sure that that new leg of your network is secure as well.

Alternate actions for when the VPN goes down. Virtual private networks are by far the most common way that telecommuters bring themselves onto the corporate network to use the resources located therein. But what happens when the VPN doesn't work? (This happens fairly often to some of my colleagues.) Do your users simply twiddle their thumbs or go work in the yard for the day? Have some guidelines for how users can continue to be productive securely. Provide them with a URL so they can securely log onto your mail servers to send and receive e-mail. Teach them how to make a copy of their document folder when the VPN is working and how to regularly update that copy, so all isn't lost when they can't access the network versions of their documents and files. Help them maintain their productivity, and make sure that whatever alternate means these users are taking advantage of to connect to your premises are configured securely and appropriately hardened.

Help with running regular virus scans. Chances are that you've given remote workers access to your corporate copy of whatever antivirus software you're using. But you may not be able to include your remote users' nodes within the scope of the management features of your product. So write up a short, 5- to 6-step guide to updating virus signatures and performing a full system scan. Help your users schedule a reminder in their personal information management programs that prods them to run a scan. Make it easy for them -- you might even script a batch file or VBScript program to work with the locally installed copy of your AV client. But, in any case, document the process using clear, simple steps and include that page in your handbook.

A place for a complete hardware and software inventory. Consider licensing a copy of software like the Belarc Advisor to give you a list of product keys, installed software and a profile of hardware. This can be invaluable for troubleshooting and rebuilding a broken system.

A list of the standard stuff. Of course, don't forget to include help desk numbers, e-mail addresses, directions to the nearest computer repair shop, policies and procedures for your support infrastructure and the other common information users might need.

About the author: Jonathan Hassell is author of Hardening Windows (Apress LP) and is a SearchWindowsSecurity.com site expert. Hassell is a systems administrator and IT consultant residing in Raleigh, N.C., who has extensive experience in networking technologies and Internet connectivity. He runs his own Web-hosting business, Enable Hosting. His previous book, RADIUS (O'Reilly & Associates), is a guide to implementing the RADIUS authentication protocol and overall network security.

This tip originally appeared on SearchWindowsSecurity.com.

Do you have comments on this tip? Let us know.

Rate this Tip To rate tips, you must be a member of SearchDomino.com. Register now to start rating these tips. Log in if you are already a member. Submit a Tip Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Lotus Notes Domino Security How to correct Lotus Notes public key mismatches in four easy steps Cracked users' HTTP passwords still a threat on many Lotus Notes R6 and R7 domains Top 10 Notes/Domino administration tips of 2006 Unsecured devices worry IT professionals Online crime as ugly as ever McAfee sued for patent infringement Mobile security starts with policy Antivirus researcher Gullotto leaves Symantec for Microsoft Symantec: Searching for a strategy? Symantec says enterprises failing to secure instant messaging Lotus Notes Domino Antispam Software and Spam Filtering LotusScript agent moves tagged spam email to junk mail folder Limit the size of incoming email attachments to a Lotus Domino server Stop spam on BlackBerry mobile devices Online crime as ugly as ever Putting a stop to incoming spam on Lotus Notes 6.5 Image-based spam scams on the rise Image spam paints a troubling picture McAfee products vulnerable to code execution flaw A recipe for secure IM success How to protect Lotus Domino Server from spam blacklists Spam and Security Securely connect Lotus Domino servers on different domains Protect Lotus Notes from malicious code with the Domino ECL How to correct Lotus Notes public key mismatches in four easy steps A recipe for secure IM success Spear phishing: Don't be a target FAQ: Lotus Notes Domino password issues Security awareness training: How to educate employees about spyware Seven tips to strengthen your Domino e-mail security Admin2005 preview: Tips, techniques, and a look at Notes/Domino Rel. 7 Notes/Domino Security, An Administrator's Guide: book review RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.