Say the word ‘monitor’ and what’s the first thing that comes to mind? If you assumed that the word represented a noun, you might expect that we were talking about a screen displaying the output of a computing device. Perhaps if you’re more of the ‘outdoors’ type, you immediately think of the monitor lizard of the genus Varanus in the Varanidae family. Those critters can be anything from eight inches to 10 feet long and can either make cute pets or bite your leg off for a snack!
Assuming that one’s employer doesn’t supply reptiles as part of any remote work assistance package, let’s keep on track and talk about computer screens. So, this begs the question as to how far an employer should be able to go when following what happens on their workers’ machines.
The crucial questions here might be – firstly, who owns the device, secondly, who is supplying the software; and lastly, what is the status of the remote worker involved. Clearly, a remote freelancer working in the gig economy from their home office, using their own computer from their private internet connection, would not expect a client to monitor their activities. Even if charging by the hour, the relationship between a freelancer and a client, as Billy Joel once sang, has always been a “matter of trust.”.
Cloak and dagger
But a full-time employee on a hybrid contract working from their kitchen table via a company provided laptop should expect to have the output of their monitor monitored! There are many software packages available to keep track of exactly what employees are doing, even to the keystroke level. If you’re on the company’s dollar, on their machine, it’s not unreasonable for them to keep tabs on you. But that’s also where the company concerned should likewise make use of a free VPN for Chrome – especially if the worker needs to access the wider internet as part of their daily routine.
A VPN (virtual private network) works by placing an intermediary server between any connected device and the user’s regular internet service provider (ISP). That server is encrypted and carries state-of-the-art security software. This means that the identity and geographical location (by IP address) are cloaked.
There are two essential good reasons for an organization to add a VPN client to their devices, especially when those machines are being used remotely by a mobile workforce, away from the company’s HQ. The first is one of security. If an employee decides to leave their home or the office for lunch, and later work from a public Wi-Fi network in a cafe or library, the hotspot they’re using might well be unsecured. Hackers use a clever trick in public Wi-Fi hotspots to trap the unwary. Here’s how:
Hit the spot
Imagine the scenario. You take your company laptop into a shopping mall food court called Joey’s Diner. You order a coffee, find a table, open the lid of your device, and an available network called “Joey’s Wi-Fi” pops up in your taskbar. You look up and see a chalkboard above the coffee bar counter that says: Wi-Fi Password: Jo@45-d1n3r. It seems very ‘secure’.
So, you type the cipher into the relevant field, and you’re immediately connected. A pop up asks you to enter your email address for a free coffee and more future offers. 30 seconds after complying, you click on a link to download a voucher for a coffee and a doughnut.
But if you had looked very carefully at your screen, you might have noticed that there were in fact TWO Wi-Fi networks available, BOTH identically named as Joey’s Diner. There’s a 50% chance that you logged onto the one that actually belongs to a hooded hacker at a corner table.
The ‘voucher’ you just downloaded was a link to a malware installation conduit, and your work computer just got compromised. Let’s face it, even secure government institutions like transport infrastructure systems get hacked. What chance does a private company with a limited budget have?
The next thing you know, half your company’s machines are wiped with ransomware, and you have an appointment with HR that’s likely to end up with you clearing your desk. All in all, pretty bad.
Virus protection
But a VPN client installed on that same machine would have detected the downloading malware activity and instantly disconnected the device before any harm could be done. It’s true that proprietary virus protection packages might also detect the problem, but the VPN goes a step further by disconnecting before you have time to think about acting on the virus software’s messages.
The second good reason for workers having VPN clients on their work devices is a simple way to block them from going onto social media (i.e., wasting work time when time kicking around TikTok) or accessing any form of inappropriate ‘adult’ material. Pornographic websites are places where viruses abound—and not just the biological type contracted by the human actors involved!
There are many other benefits to using VPNs in a corporate business environment, in fact too many to list here. But any organization of more than two or three people should be talking amongst themselves about online security as a matter of priority. It’s not just a company’s finances that are at stake, also their very reputation. Stay safe out there, folks!
Guest writer.
