Work from home, now isn’t that the dream. Working from your bed, resting your back on your pillow while still in your pyjamas and the pizza that you just ordered is right next to you while your favourite jazz music is playing in the background and to top it all you are getting paid simultaneously for it.
Well work from home can be quiet all those things in one package but for new startups and some established companies as well it can be pretty tough for them to implement it and to manage security and productivity for the company. ’Cause lot of employees treat it as a golden ticket to get paid as well as not have to do work. This thought process of the employees have made companies reluctant to implement work from home.
So, last week I had to take to go out of city, I was totally in the situation where I could have done the work from the remote location, but cause we don’t have work from home policy yet so I was unable to do that. That irked me to get started with the whole idea of work from home and how to implement it so that we can enhance the productivity of the employees and have more people interested to join our startup.*
Here it goes…
The best thing about my workplace is that you are totally free to pickup your projects, work on them and deliver results. So, I got working on the work from home idea and then started jotting down points that I need to keep in mind while implementing this.
- We need to have same configuration on their laptops that we have on the systems that we work on remotely.
- We should be able to run cronjob so that checks the configuration files on their system and keeps them updated.
- We should be able to monitor their use and trigger an alert if something turns out to be fishy.
For beginning I started with these three points and for those who think its an easy job, it’s not cause things start to go wild when you are doing this for an entire organisation and that too when you are still an intern.
Let’s dig in!
1. Laptop Configuration
The idea is to setup a system that is similar to the ones that we already have setup in our premise, now how to do that we need to make this process as easy going as possible and for that I took the help of the tool that I have already utilised while working here and that was “Systemback”. You can have a read about it in the link below
TLDR, it helps to make an .iso file for a custom OS that I might have designed for whatever reason and ship it to other employees the exact copy.
2. Update Configuration files
Now that the first part of it was taken care of, then comes the part where I planned to setup a cronjob that will check the configuration files and see if the employee has the latest version of the file. If the employee system doesn’t have that then we can simply provide them with the latest configuration files and execute it on their system. Let me explain in detail how I planned this out.
- Every time the client’s machine boots & gets connected to the internet it establishes a tcp connection with the server.
- Once, the connection is setup then the client’s machine will send over the hash of the configuration file over to the server to verify is that’s the latest configuration settings or not.
- Once the server receives the hash, it check with the hash of the the latest configuration settings file that has been deployed.
- If the hashes match then it’s great but if there is any changes made to the hash then the server can send over the latest configuration file over to the client machine and then the config file would be executed.
It took me 2–3 days to write the down the program and make it work seamlessly. I wrote down the program in Go for the tcp client and server, you can definitely contact me regarding the program if you need something similar.
3. Trigger Alerts
We are planning to collect the logs from the system of the users so that we need to know if the work from home wasn’t misused and the employee actually put their hard work the same way they do at the office.
- The tcp client - server connection is used to pass over the logs from the client’s machine over to the server. The tool “osquery” can be utilised to collect the logs and send it over to the admin at the office premise.
- We can then monitor the logs and see for any alerts or red flags and based on that we can determine whether any malicious insider threat or something as such isn’t taking place.
Well I am still figuring out the last point and which particular parameters to check for to determine everything is working the way they should without having to compile large amount of information that might become junk and never gets processed properly.
If you enjoyed it please do clap & let’s collaborate. Get, Set, Hack!
Telegram : https://t.me/aditya12anand
Twitter : twitter.com/aditya12anand
LinkedIn : linkedin.com/in/aditya12anand/
E-mail : email@example.com
* People are more willing to join companies which offers work from home policy.