1 |
On 01/15/2016 09:18 PM, wabenbau@×××××.com wrote: |
2 |
> Grant <emailgrant@×××××.com> wrote: |
3 |
> |
4 |
>> I'm considering allowing some employees to work from home but I'm |
5 |
>> concerned about the security implications. Currently everybody shows |
6 |
>> up and logs into their locked down Gentoo system and from there is |
7 |
>> able to access the company webapps which are restricted to the office |
8 |
>> IP address. I guess I would have to allow webapp access from any IP |
9 |
>> for those users and trust that their computer is secure? Should that |
10 |
>> not be scary? |
11 |
>> |
12 |
>> - Grant |
13 |
> |
14 |
> I would use OpenVPN for that. If you don't trust their systems, you |
15 |
> could provide a Live-System media for them if that is possible. |
16 |
> |
17 |
> -- |
18 |
> Regards |
19 |
> wabe |
20 |
> |
21 |
> |
22 |
|
23 |
I would use VPN + an X server that can spawn sessions on demand. This |
24 |
way it all stays internal on the work network. |
25 |
|
26 |
I do something similar at work for our Windows clients, it was simple to |
27 |
set up there. |
28 |
|
29 |
I've set up my home server to act as a Windows-type terminal server |
30 |
using X and tigervnc. It actually works well, but I never got into |
31 |
multiuser and dealing with logon scripts and the like (you may or may |
32 |
not need this to deal with user documents and the like.) |
33 |
|
34 |
Dan |