Vulnerabilities / Threats // Insider Threats
12/3/2008
05:15 PM
Connect Directly
LinkedIn
RSS
E-Mail
50%
50%
Repost This

What Not To Do For Your Road Crew

IT telecommuting traps to avoid.

There are several ways IT can destroy the productivity and happiness of hotel-hopping travelers. Learn from the real-world mistakes of others and avoid some of these pitfalls for your on-the-go employees.

Misconfigured backup client: While it's vital to have some sort of backup for staff who don't frequent the office, a misconfigured backup client can wreak havoc on the performance of off-site employees. Where possible, closely identify which file types will be backed up, as well as where they should be stored, and communicate that policy to staff.

Windows updates: The problem happens when your CEO checks into his hotel, powers on his laptop, and gets Windows XP SP3 forced down his throat. The orderly distribution of updates can be done in a more friendly way via Windows Server Update Services. Alternatively, group off-site workers into an Active Directory Organizational Unit that has a relaxed set of update policies.

Lack of a plan B: You'll eventually get a call from the most important person, at the worst possible time, telling you she can't connect to the network. Whether it's a VPN client issue, network connectivity, corrupted application--whatever it may be, have a backup plan. If a VPN client bombs, can you serve out a remote desktop? If a hotel's network is problematic, can the employee tether a smartphone to the laptop for Internet access? If Office gets corrupted, can you deliver an online version through Citrix or Microsoft Terminal Services? If you can plan ahead for disaster for your road warriors, you'll thank yourself later.

Photo by Getty Images

Return to the story:
Five Ways To Arm Your Mobile Workforce

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-1421
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php.

CVE-2013-2105
Published: 2014-04-22
The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.

CVE-2013-2187
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page.

CVE-2013-4116
Published: 2014-04-22
lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.

CVE-2013-4472
Published: 2014-04-22
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.

Best of the Web