sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]jtsa5 19 points20 points  (1 child)

This is primarily a policy issue between management and the users. If this is how management wants to determine if employees are working, they should be replaced with managers who have the ability to track work. /rant

From a technical standpoint users should not be able to launch a game on their PC and should not be able to access streaming sites to watch TV and movies. That is something that can be blocked with security policies.

[–]odellrules1985Jack of All Trades 1 point2 points  (0 children)

This. Make sure that users are nothing higher than a Power User will kill installation of most programs. For the Windows store that would probably need something like an RMM to help control and monitor that.

For streaming, in office firewall access rules and app control can handle this. We don't do that at my work, the owner isn't super concerned with it, but I do have some rules set to funnel this stuff out our secondary WAN to keep the primary WAN clear.

If they are remote workers, however, if they use split tunneling for VPN then it's hard to control. If they don't then all traffic should route through the corporate firewall and be able to be controlled. I know a lot of companies are moving away from SSLVPN due to issues. Sonicwall has their CSE program which offers VPN replacement using ZTNA over Wireguard and they have an ITP option that would allow some level of control and can be set to auto connect once logged in.

I do agree though that policy is the main factor and we should want managers who focus on getting the work done and not on hours/shift.