The vast majority of companies still do not have any policy in place to support work from home. As the majority of companies have switched to remote work and plan to implement this new system going forward - companies need to understand how to make an effective switch that will align with their company goals and business development strategy. 

Our guest today: David DeFrancis, CEO of IT Proactive

David started his first computer consulting business in 1998 and launched IT Proactive in 2015. He noticed a need for security and process in small to medium sized businesses was completely under-served.  IT Proactive is an outsourced IT Support firm that you can trust. We offer fully managed IT solutions that are simple, affordable and all-inclusive.

Today we are going to discuss

  • On boarding and Off boarding Employees
  • Remote work policies
  • BYOD policies

What are today’s challenges when successfully onboarding and offboarding terminations?

  1. No on boarding or off boarding checklist (Directory Service Accounts, email, application permissions, devices)
  2. 1 off policies
  3. Personal devices accessing the corporate network, not having a separate vLAN (Internet Only) for employees (What is acceptable in the organization)

What policies need to be in place

  • Acceptable use for company equipment
  • BYOD - where most companies fail
  • Remote Access Policy- work from home
  • Personal Device v. Corporate Device
  • Its all about data integrity and security
  • Equipment reimbursement
  • Internet access/ security (remote location)
  • VPN
  • Firewall with Security Services
  • BYOD- allow employees to access data
    • Failure point

      • - Written policy on what they can & cannot access
      • - MDM- mobile device management software 
  • When people leave they can put their phone on airplane mode to access shared company files (locally synced data)

Rick’s Input

  • On boarding is a continuation of your interview process. This determines your ability to retain your strongest people

How do we create an effective internal policy around remote access?

  • Questions need to be asked first
  • Can company data be accessed on personal devices?
  • Can data be accessed remotely via web browser. (Email, Sharepoint etc)
    • Protocol in place for a security breach

      • If a breach is detected, who to contact, plan to notify customers / vendors
  • Are remote computers encrypted
  • Are computers connected to a directory service?
  • Mobile device management policy in place?
    • Security protocol in place to wipe data (MDM)

Now Create Acceptable use policy for Company Devices (template)

  • Taylor to specific company (Questions to ask)
  • Outline what applications are acceptable to use on device
  • Can the employee access personal email, social, banking, etc… for company owned device
  • Websites that are acceptable to access on a work device (Personal Banking, Social Media etc)

Create a mobile device management policy

  • Dependent upon server location
  • Dependent upon BYOD or company owned devices
    • On prem, cloud, hybrid

What needs to happen when a person starts?

  • On boarding process 

    • Recommend providing company owned devices first!
  • On boarding Checklist:

    1. Typically IT Managed
    2. Directory Services Account
    3. Email Account / O365 / Sharepoint
    4. LOB Applications 
    5. Permissions for LOB and File Share(s) / Sharepoint
    6. VPN in applicable
    7. Mobile Device (Email, Sharepoint, Supervised v. Managed Mode MDM)
    8. Company Policies, delivered and signed by employee
  • Off boarding

    • 1. Typically IT Managed

      • Remove Access to all devices during exit interview
      • Force Sign Out of any BYOD devices.
      • Directory Services, LOB applications, File Shares etc
      • Archive devices
    • 2. Do not tamper with user date until its archived
      • Point in time archive- home folder, desktop image, email
    • Off boarding checklist for HR & IT
  • Signed document that all company owned devices are returned

Key Takeaways:

  • Start Policies (even if it has 2-3 items in it)

    • Acceptable Use Policy
    • Remote Access Policy
    • BYOD Policy
  • Create and On boarding and Off boarding Checklist
  • Be in sync with HR and the members of your team when exiting an employee

Guest Contact: david@itproactive.com

Share | Download

Play this podcast on Podbean App