ktimm

We have several users that work from home on systems that are not owned by my company. Because of this, we have no control over what OS they are using or the versions of any other software they have. This has become sort of a trouble spot for the support team since the users expect us to fix their home computers when they do not work correctly. Mostly the issue comes in with getting users connected to VPN and then into our web-based accounting system. What we would like to do is have a policy in place to "protect" the support team. We would like the policy to be something along the lines of, we supply them with written documentation on how to connect to VPN, the accounting system, and some basic troubleshooting steps. Beyond that, we would not be responsible for the system. What we are wondering is how others of you in the same basic situation handle the issue, if you have any policy in place, and if so, what the policy is.

TheChas

Personally, I think this situation is not acceptable as is.

You need to formulate a plan and work with management to change the existing situation.

The fact that users access the accounting system screams TROUBLE!

Start with a minimum or better yet, a specific system configuration that will be supported for off-site access.

Require home users to sign an agreement as to how their home PC will be used and configured for accessing the office.
At a minimum, home users should be required to keep up to date anti-virus and firewall software running.

Next, create a custom CD that will install and configure your VPN and user accounts.

Should users have problems, set up a system where they bring their PC in to be configured.

Set a "grace" period where home users' PCs will be "cleaned" of virus and other malware with no questions asked.

After the grace period, allow 1 PC configuration per year, or when you roll out new software.

Send e-mails to all home users to remind them about Virus updates and OS security patches.


ktimm

Management is the problem. I have addressed the issue with them several times over the past 3 years. Management doesn't care because it's not their problem.

jschein

Highly sensitive area with home user PCs and "ACCOUNTING" access...

Problem is, as TheChas puts it, VIRUSES and MALWARE. If they can VPN in, and have access to such critical files, they need to be provided with the CORPORATE ANTIVIRUS and follow set guidelines and procedures as put forth from the company.

Failure to obey work guidelines will result in removal of access from VPN.

People surf porn or whatever from home. Heck, half the time they think they are surfing legitimate websites, but they contain malware, spam and viruses without their knowledge. One infected PC, allowed access through the VPN tunnel, just screams havoc.

Get with the dept. manager, the company owner, and explain how imperative it is that everyone is on the same sheet of music. Failure to comply could result in some serious problems for the company.

Do these home users have up-to-date legitimate anti-virus? Firewalls? Get the picture?

ktimm

I didn't ask for your opinion on the security risks taken by allowing PCs VPN access. We are well aware of the risks but as stated before, management refuses to act on something until it has caused a problem. The question was what policies you have in place in regards to support on non-company-owned PCs.

ktimm

Let me clarify access to the accounting system. This is where our users fill out and sign timesheets so they have to have access to it. Everyone in the company has access to it. Access is limited within the web-based program to only those modules you require. For 90% of the people, it's just their timesheet. Now, in regards to personally setting up the computers. We support offices from San Diego, CA to Atlanta, GA. We have 2 support guys based in WI. Setting up each individual PC is not an option. Regarding the Company supplying software for the home users. I don't know how your company works, but we have to fight for every penny in our budget. I've been working here for 5 years and it wasn't until last month that I was upgraded to a "real" computer from the Pentium 133MHz (no, not 1.3GHz, 133MHz) I had been using for the previous years. In other words, the wallet around here doesn't open until AFTER there is a problem. I think that it's written in our company policy that forethought on things like virus software is strictly prohibited until after the problem. Don't get me wrong, we have anti-virus running on all the company-owned PCs. I think that I have addressed all concerns. Thanks for any input!

dRb63

We've had the same issue. And the way that our company solved the problem was the purchase of Microsoft's Licensing Agreement (MLA). What this entails is the installation of the latest OS on their home systems. And it also entitles them to a copy of the latest OS. Yep, some of the home systems don't have the "required" hardware but just by letting the home users know that they can, in essence, have a "free" copy of the latest OS and ANY application that is covered in the MLA, they generally don't have a problem upgrading. This has solved our problems. There is one issue, it's expensive.

ktimm

This is an answer, but not an option. If we don't want to be responsible for supporting a VPN connection, why would we want to be responsible for upgrading the OS on the system? True, while it would make our job easier because we would be supporting fewer systems, however the last thing I want to do is sit all day on the phone talking a user through upgrading the OS on their PC and then having them get cranky with me when a program of theirs no longer works with the new OS.

ktimm

It seems as if I need to clarify what my question is since there have been several posts yet no one has answered the question. What is your company policy for supporting systems that are used by company employees but not controlled by the company?

mm212

Here's what we do. First, since we have an Enterprise license, we include the home PCs of users that VPN in on that license. If this wasn't the case, we would make it clear that they are required to have updated antivirus software on their home PCs or they will not be allowed to connect.

Second, we require a firewall of some sort on their PCs. We know that Zone Alarm works with our VPN system, so we recommend that to anyone who doesn't want to spend any money on their firewall. If they buy some other firewall software, we leave it up to the customer support of the firewall vendor to keep track of that. We will provide information necessary regarding the connection so the vendor can sort out the issues.

Third, they are required to sign an agreement on how they will use VPN. I can't go into details, but basically it's for tasks associated with work only, they will only access those areas required for work, they will not do anything to harm the network etc.

We provide them with a CD with one piece of software they use and a document that steps them through the download of the latest version of the second piece of software required, installation and configuration. If they have problems, they can call us at the normal tech support line so we can step them through basic troubleshooting steps. More than that is basically just "I think 'x' software is causing the problem. Remove it and try again." or something along those lines. We can't know everything about everyone's home PC and we make it clear that they are responsible for their home computer.

This doesn't always "protect" us because most of the VPN people on our system are network admins and they can figure out how to fix it with little help. Very few others need access from home. Those that need access but are not network admins are mostly big shots in the company that we end up dropping everything and going onsite to their house to fix the problem. Now, we get paid for the mileage for this since they c

mm212

My answer got cut off: ...we get paid for mileage for this since they can authorize the payment. I know this may not be feasible in your situation, but wanted to throw it all out on the table.

