Working From Home Megathread

Bigfatmichael · 12-02-2021 8:27pm

rostalof wrote: »

Exactly, some government departments are operating like this too. Azure and Citrix with 2 step authentication means your personal machine is merely a portal that allows you to remote in to your on-site business machine. If implemented correctly there are absolutely no GDPR or data integrity issues.

Thats it, its impossible to get any files onto your own computer while using it.

kippy · 12-02-2021 10:34pm

Bigfatmichael wrote: »

Thats it, its impossible to get any files onto your own computer while using it.

Totally agree, but plenty people throw in the "GDPR" bad word without any idea of the environemnt and/or context.

There are plenty people that use their own devices accessing a portal of some kind or another where data does not end up on the end users device.

Now - in almost EVERY situation, for a number of reasons (not just GDPR) it is better practice to ensure that the device accessing the portal/endpoint is company owned and managed but not an absolute necessity.

On that topic, have there been any major GDPR fines handed out to SMB's and or State sector since it came in?

kippy · 12-02-2021 10:35pm

Mrs OBumble wrote: »

It's a non-conformance, which makes detecting and preventing some kinds of breaches a lot more difficult.

If you work for a company that's still letting you access client personal data on your own hardware now, i would advise you to start job hunting.

I don't agree, there are many variables involved - starting to job hunt wouldn't be a logical next step.

Antares35 · 12-02-2021 11:10pm

kippy wrote: »

Totally agree, but plenty people throw in the "GDPR" bad word without any idea of the environemnt and/or context.

There are plenty people that use their own devices accessing a portal of some kind or another where data does not end up on the end users device.

Now - in almost EVERY situation, for a number of reasons (not just GDPR) it is better practice to ensure that the device accessing the portal/endpoint is company owned and managed but not an absolute necessity.

On that topic, have there been any major GDPR fines handed out to SMB's and or State sector since it came in?

UCD had a pretty big one there not so long ago. Third level institution I know, but I think the fine was significant enough.

https://www.google.com/amp/s/www.irishexaminer.com/news/arid-40222742.html?type=amp

AndrewJRenko · 13-02-2021 12:12pm

Bigfatmichael wrote: »

Well a lot of companies are using byod where your own device and mobile is perfectly fine.

The likes of Azure and Citrix are perfectly fine to use on your own laptop.

They're perfectly fine from a security point of vew if they are set up properly - no upload/download, no cut/paste, no screenshots. They're not always set up properly.

They're not perfectly fine if they require the employee to work on a laptop keyboard and screen for eight hours a day. That's very likely to cause health problems for the employee over time.

rostalof wrote: »

Exactly, some government departments are operating like this too. Azure and Citrix with 2 step authentication means your personal machine is merely a portal that allows you to remote in to your on-site business machine. If implemented correctly there are absolutely no GDPR or data integrity issues.

I know some departments allowed BYOD in the early days of WFH, but afaik, most have issued work devices over the latter part of 2020 as laptop supplies became available. Are there any departments allowing BYOD as an ongoing policy?

The general GDPR issues arising from the general WFH scenario, such as taking photos of screen content and overhearing of phone calls remain.

Bigfatmichael wrote: »

Did you ask the 100 people personally?

Here with go again, want your employer to make special considerations just for you.

No, but I've asked pretty much everyone that I've spoken to since last June, which is probably about half of the hundred. No-one else is keen to get back into the office.

So if I get back in, I'll have lots of space around me.

Antares35 wrote: »

Sounds like you have a problem for every solution alright. You know if you charge your employer for rent then allow someone else to use your "office space" i.e. your desk, that's sub-letting. Not very nice (or legal).

If my employer was paying rent, I'd be able to afford a decent adjustable desk that would work for all. I'll be happy to negotiate suitable terms and conditions over rent with my employer. If they want exclusive use of the space, the price goes up again.

Antares35 wrote: »

And whether you think your office is safe is irrelevant. The government has decided it isn't, so you will have to put up with that.

The government hasn't decided that my workspace is safe. It hasn't looked at my workspace or asked anything about it. It has kept its hands firmly over its eyes to make sure that it doesn't see anything about my workspace in order to avoid the question of the safety of my workspace.

Antares35 wrote: »

You get to decide what goes on in your house to the extent that you can either use it to work from, or if you don't want to do that, you can give up your job. You don't get to decide to keep your job but refuse to work from home, at least not at the moment.

You know that would constitute constructive dismissal, right?

Deleted User wrote: »

You're wasting your breath.

I already posted a link to this very reasonably priced height adjustable desk, where that height can be adjusted simply by turning a lever to suit different heights, (have a look at the video). But Andrew isn't really looking for solutions.

You'd think if someone was genuinely that concerned about the potential of long term physical problems or injuries, they'd solve their immediate problem first, then worry about get the money back from the employer, after.

But if he does go to the WRC (as he has implied he intends to do) that wouldn't look so good for his case, would it?

You know well there is absolutely no question about 'getting the money back after'. The money will never come back. Government is not paying for office equipment for WFH staff, and will definitely not pay for equipment previously purchased directly by employees.

BiggJim wrote: »

Serious neck and wrist issues? Catch a grip we are not that fragile as a species and spouting nonsense like that will do more harm than good.

Why do you think that every office employer does ergonomic assessments and appropriate adjustments to provide a safe working space?

Antares35 wrote: »

UCD had a pretty big one there not so long ago. Third level institution I know, but I think the fine was significant enough.

https://www.google.com/amp/s/www.irishexaminer.com/news/arid-40222742.html%3ftype=amp

Very interesting, I hadn't heard of that case, though I follow data protection matters fairly closely. Is it just me, or is that article fairly vague about what actually happened in this case?

https://www.dataprotection.ie/sites/default/files/uploads/2021-02/Inquiry%20University%20College%20Dublin_0.pdf

So credentials of some email accounts were posted online? Were these staff or student accounts? How come the credentials got posted online?

kippy · 13-02-2021 1:20pm

AndrewJRenko wrote: »

They're perfectly fine from a security point of vew if they are set up properly - no upload/download, no cut/paste, no screenshots. They're not always set up properly.

They're not perfectly fine if they require the employee to work on a laptop keyboard and screen for eight hours a day. That's very likely to cause health problems for the employee over time.

I know some departments allowed BYOD in the early days of WFH, but afaik, most have issued work devices over the latter part of 2020 as laptop supplies became available. Are there any departments allowing BYOD as an ongoing policy?

The general GDPR issues arising from the general WFH scenario, such as taking photos of screen content and overhearing of phone calls remain.

No, but I've asked pretty much everyone that I've spoken to since last June, which is probably about half of the hundred. No-one else is keen to get back into the office.

So if I get back in, I'll have lots of space around me.

If my employer was paying rent, I'd be able to afford a decent adjustable desk that would work for all. I'll be happy to negotiate suitable terms and conditions over rent with my employer. If they want exclusive use of the space, the price goes up again.

The government hasn't decided that my workspace is safe. It hasn't looked at my workspace or asked anything about it. It has kept its hands firmly over its eyes to make sure that it doesn't see anything about my workspace in order to avoid the question of the safety of my workspace.

You know that would constitute constructive dismissal, right?

You know well there is absolutely no question about 'getting the money back after'. The money will never come back. Government is not paying for office equipment for WFH staff, and will definitely not pay for equipment previously purchased directly by employees.

Why do you think that every office employer does ergonomic assessments and appropriate adjustments to provide a safe working space?

Very interesting, I hadn't heard of that case, though I follow data protection matters fairly closely. Is it just me, or is that article fairly vague about what actually happened in this case?

https://www.dataprotection.ie/sites/default/files/uploads/2021-02/Inquiry%20University%20College%20Dublin_0.pdf

So credentials of some email accounts were posted online? Were these staff or student accounts? How come the credentials got posted online?

Taking photos of a screen is always an issue - there are only so many things that can be done about this - even in an office environment. Again, people need to pull back on the GDPR angle a bit on this. Overhearing of conversations, again, some mitigation can be done here as well.

Again, there are definely issues with long term use of laptops, desks and chairs that absolutely need to be addressed if you are WFH long term however in the initial instance I know myself, in the absense of something coming from the employer I will try do something about it myself, asking the employer to facilitate but not expecting it, for what is essentially a "crisis". In fairness as time has gone on employers have improved in what they have done.

I don't expect my employer to pay rent to me for my deskspace - for a multitude of reasons.

In relation to the GDPR case mentioned, it is short on detail but it looks as if the college had retained the (college) email addresses of past students and some of these, as well as password data, got posted online somehow.
The issue is probably that the college had no reason to have kept the data on the students after they had left (that could be widely wrong) - maybe there is more out there.

kippy · 13-02-2021 1:27pm

Mr.S wrote: »

Another massive employer approaching a flexible / remote working policy indefinitely- Salesforce, citing the typical 9-5 office day is dead for most people.

https://www.theverge.com/2021/2/9/22275304/salesfore-remote-work-9-to-5-workday-is-dead-flex-coronavirus

One of the few benefits of this pandemic, tbh.

I’ve said this a few times - but when we do eventually go back to normal, will be interesting to see will some employers go back to dragging office staff in 5 days a week. I couldn’t even dream of it.

No doubt - some(most) employers will end up dragging staff into the office 5 days a well. If only because of some of the attitude shown by people, like one of the posters on this thread.

One would hope that common sense would break out and people would have the option of split weeks etc and supported with proper hardware (IT and Otherwise) to WFH on a few day a week basis, if they chose)

kippy · 13-02-2021 2:25pm

Mr.S wrote: »

I just can’t imagine the logic of not being flexible, there is zero, literally zero, benefit to having all staff on desks 5 days a week - this was known pre-Covid, but Covid should have shown employers that business and productivity continues despite not being at a desk. IT, hardware and policies are not that hard to implement.

Of course I’m sure some employers will stamp their feet and drag everyone in. You’ll probably see a lot of turnover and staff changing employers if that’s the case. I know I would anyway.

I don't disagree.

strandroad · 13-02-2021 3:02pm

Mr.S wrote: »

Another massive employer approaching a flexible / remote working policy indefinitely- Salesforce, citing the typical 9-5 office day is dead for most people.

This is the kind of trend that can really impact Dublin real estate patterns. Salesforce's been working with Johnny Ronan on a massive flagship building across the road from the new Central Bank, and their new employees were supposed to fill the apartments blocks around the corner. What happens to the flagship now? They'll probably keep it, they can certainly afford it, but it's going to be too big on day one. Who's going to pay the inflated rents in these apartment blocks if the employees only need to be in this office once a week?

13-02-2021 3:02pm

Mr.S wrote: »

I just can’t imagine the logic of not being flexible, there is zero, literally zero, benefit to having all staff on desks 5 days a week - this was known pre-Covid, but Covid should have shown employers that business and productivity continues despite not being at a desk. IT, hardware and policies are not that hard to implement.

Of course I’m sure some employers will stamp their feet and drag everyone in. You’ll probably see a lot of turnover and staff changing employers if that’s the case. I know I would anyway.

100%

I've already had the conversation with my boss and I've stated that I want to remain 100% WFH as my role does not require me to be onsite and they agreed.

If they didn't I'd be looking for an employer who would be willing to do that.

Personally, I don't ever envisage working in an office again for the rest of my career and I'd wager there's a lot of folks who feel the same.

AndrewJRenko · 13-02-2021 3:06pm

kippy wrote: »

No doubt - some(most) employers will end up dragging staff into the office 5 days a well. If only because of some of the attitude shown by people, like one of the posters on this thread.

One would hope that common sense would break out and people would have the option of split weeks etc and supported with proper hardware (IT and Otherwise) to WFH on a few day a week basis, if they chose)

Hopefully that common sense will include some recognition of the employer's basic obligation to provide a safe working environment, including office space.

kippy wrote: »

Taking photos of a screen is always an issue - there are only so many things that can be done about this - even in an office environment. Again, people need to pull back on the GDPR angle a bit on this. Overhearing of conversations, again, some mitigation can be done here as well.

It's fairly difficult and risky to be taking photos of screens in an open plan office when you never know who is around or who is going to walk by. It's very easy to take photos of screens in a quiet area at home.

I'm not sure what mitigation can be done about overhearing conversations. The employer, and generally even the employee, can't control who else is in the house and what room they are in.

kippy wrote: »

Again, there are definely issues with long term use of laptops, desks and chairs that absolutely need to be addressed if you are WFH long term however in the initial instance I know myself, in the absense of something coming from the employer I will try do something about it myself, asking the employer to facilitate but not expecting it, for what is essentially a "crisis". In fairness as time has gone on employers have improved in what they have done.

The crisis was last March to June. We're now 12 months into this, with at best another 9 months to go, and many employers, including mine, haven't provided safe working environments.

kippy wrote: »

In relation to the GDPR case mentioned, it is short on detail but it looks as if the college had retained the (college) email addresses of past students and some of these, as well as password data, got posted online somehow.
The issue is probably that the college had no reason to have kept the data on the students after they had left (that could be widely wrong) - maybe there is more out there.

Interesting, thanks.

strandroad · 13-02-2021 3:18pm

Mr.S wrote: »

Will demand be as high for core city centre office / residential lettings? Probably not. Prices should come down, and that’s a good thing for residential places.

Absolutely, downward pressure can only help Dublin. People and companies will still be around but decentralising and staggering work can only help with rent levels, public transport capacity etc.
Headliners like Salesforce, Google or Facebook coming out with such statements only show how strong these depressurising trends are.

kippy · 13-02-2021 3:28pm

AndrewJRenko wrote: »

Hopefully that common sense will include some recognition of the employer's basic obligation to provide a safe working environment, including office space.

It's fairly difficult and risky to be taking photos of screens in an open plan office when you never know who is around or who is going to walk by. It's very easy to take photos of screens in a quiet area at home.

I'm not sure what mitigation can be done about overhearing conversations. The employer, and generally even the employee, can't control who else is in the house and what room they are in.

The crisis was last March to June. We're now 12 months into this, with at best another 9 months to go, and many employers, including mine, haven't provided safe working environments.

Interesting, thanks.

Taking photos of screens in a work environment is very easy. It's down to policies and procedures and the punishment for said crime that deters people. Same as at home.
Earphones are gonna half the amount an eavesdropper can hear at home. And again it's really a grasping at straws argument against WFH.

If your employer's is actively ignoring your requests for a desk and chair/docking station do something about it if it grinds your gears that's much.

But keep your requests realistic.
There are many employers who are telling their employees if they cannot work from home they may need to go on PUP.
Which option would your prefer for the past 11 months?

AndrewJRenko · 13-02-2021 3:34pm

kippy wrote: »

Taking photos of screens in a work environment is very easy. It's down to policies and procedures and the punishment for said crime that deters people. Same as at home.
Earphones are gonna half the amount an eavesdropper can hear at home. And again it's really a grasping at straws argument against WFH.

How do you take photos in an open plan environment without being seen by your colleagues?

Yes, earphones half the potential for overhearing. So then there's the other half?

kippy wrote: »

But keep your requests realistic.
There are many employers who are telling their employees if they cannot work from home they may need to go on PUP.
Which option would your prefer for the past 11 months?

Are you suggesting that the public service should be constructively dismissing all staff who don't have space or expense to provide a safe working environment in their homes?

13-02-2021 3:41pm

AndrewJRenko wrote: »

You know well there is absolutely no question about 'getting the money back after'. The money will never come back. Government is not paying for office equipment for WFH staff, and will definitely not pay for equipment previously purchased directly by employees.

No I don't know that. You know why? Because my Dept HAS made refunds to staff for the purchase of office equipment, including desks, where there was a case made for it. Granted, it was in limited circumstances, but it has happened, and it was for more then the €229 desk I linked you too.

Just as you should know, Andrew, you can make a formal request for anything and exceptions can ALWAYS be made at the discretion of senior managment. Given your claim of having an existing 20 year history of requiring a heightened desk, based on ergonomic assessments you say you've already had completed, which presumably are on record with your employer and backed up by medical evidence, then I sincerely do not believe it would be an issue.

13-02-2021 3:43pm

Lads, Andrew has been trolling this thread for the past 20 pages, I'd ignore him if I was you

Thats me · 13-02-2021 3:48pm

AndrewJRenko wrote: »

How do you take photos in an open plan environment without being seen by your colleagues?

Yes, earphones half the potential for overhearing. So then there's the other half?

If you accept your heeadset can be used for overhearing, what is difference with a screen? Same way your screen records can be [are] collected. From within your computer. To make you more happy, you need to know your session can be monitored by another persons over the network, key presses and software executions logged, network traffic sniffed and recorded. All depends on the company policy, but the office where public servants having access to private data should normally have some kind of control over employees activity.

Thats me · 13-02-2021 3:50pm

Deleted User wrote: »

Lads, Andrew has been trolling this thread for the past 20 pages, I'd ignore him if I was you

But.. With no him thread would die soon

AndrewJRenko · 13-02-2021 3:51pm

Thats me wrote: »

If you accept your heeadset can be used for overhearing, what is difference with a screen? Same way your screen records can be [are] collected. From within your computer. To make you more happy, you need to know your session can be monitored by another persons over the network, key presses and software executions logged, network traffic sniffed and recorded. All depends on the company policy, but the office where public servants having access to private data should normally have some kind of control over employees activity.

There are no controls within the computer that stop the user from holding their mobile phone in front of the screen and taking photos.

Having other people around in an open plan office is a major deterrent to this happening in an office.

kippy · 13-02-2021 4:05pm

AndrewJRenko wrote: »

There are no controls within the computer that stop the user from holding their mobile phone in front of the screen and taking photos.

Having other people around in an open plan office is a major deterrent to this happening in an office.

I don't know how many places you've worked in but if you come in earlier/go home later tis very easy to be in a massive office with very very few people around. It's very easy photo a screen no matter where you are. It's not as GDPR concern worth talking about. It's a pointless conversation. What stops this is not people around or technology, it's the resultant punishments that come down the line and/or adult responsibility.

kippy · 13-02-2021 4:08pm

AndrewJRenko wrote: »

How do you take photos in an open plan environment without being seen by your colleagues?

Yes, earphones half the potential for overhearing. So then there's the other half?

Are you suggesting that the public service should be constructively dismissing all staff who don't have space or expense to provide a safe working environment in their homes?

Very easily should you want to.
If an employer cannot provide a safe working environment in the office and up to the standards of the employee at home, I'd suggest they not be in the position to maintain the employees role.....so yeah, it's down to you. PUP, since you can no longer work, or cop the fcuk on like most adults

kippy · 13-02-2021 4:11pm

Deleted User wrote: »

Lads, Andrew has been trolling this thread for the past 20 pages, I'd ignore him if I was you

Ara we are in lockdown, not the best day outside, have the whole of Netflix watched.

Thats me · 13-02-2021 4:14pm

AndrewJRenko wrote: »

There are no controls within the computer that stop the user from holding their mobile phone in front of the screen and taking photos.

Having other people around in an open plan office is a major deterrent to this happening in an office.

Hmm. OK. But some measures still can be taken:

1. Access to sensitive data audited, and operator requested for explanation whenever data accessed with no visible reason
2. Operator can be obliged to have camera turned on while accessing data. When camera off or camera lens detected (automatic detection is possible to implement nowadays) - screen can be blanked or locked immediately, in the case of camera detected - security alert sent to appropriate team.
3. Screen image can be watermarked to identify where the image leaked from (but this can be easily walked around)

On the other hand, since you are allowed to take your mobile with you into the office, you likely working with information which does not require strict measures.

Antares35 · 13-02-2021 4:21pm

Re constructive dismissal, I doubt it Andrew. Then again, the water hasn't been tested this far, seeing as though we are in a pandemic and there's a lack of precedent. I suspect you would fail, but seeing as you're so certain you'd be successful (and given how clearly miserable you are with your current situation) why don't you pursue this and let us all know how you go. By the sounds of it you've little to lose anyway.

13-02-2021 5:40pm

Antares35 wrote: »

Re constructive dismissal, I doubt it Andrew. Then again, the water hasn't been tested this far, seeing as though we are in a pandemic and there's a lack of precedent. I suspect you would fail, but seeing as you're so certain you'd be successful (and given how clearly miserable you are with your current situation) why don't you pursue this and let us all know how you go. By the sounds of it you've little to lose anyway.

Its like you said earlier.

Andrew has a new problem for every solution.

stefanovich · 13-02-2021 5:44pm

strandroad wrote: »

This is the kind of trend that can really impact Dublin real estate patterns. Salesforce's been working with Johnny Ronan on a massive flagship building across the road from the new Central Bank, and their new employees were supposed to fill the apartments blocks around the corner. What happens to the flagship now? They'll probably keep it, they can certainly afford it, but it's going to be too big on day one. Who's going to pay the inflated rents in these apartment blocks if the employees only need to be in this office once a week?

When you invest you take a risk. Zero sympathy.

Bigfatmichael · 13-02-2021 6:24pm

Thats me wrote: »

Hmm. OK. But some measures still can be taken:

1. Access to sensitive data audited, and operator requested for explanation whenever data accessed with no visible reason
2. Operator can be obliged to have camera turned on while accessing data. When camera off or camera lens detected (automatic detection is possible to implement nowadays) - screen can be blanked or locked immediately, in the case of camera detected - security alert sent to appropriate team.
3. Screen image can be watermarked to identify where the image leaked from (but this can be easily walked around)

On the other hand, since you are allowed to take your mobile with you into the office, you likely working with information which does not require strict measures.

May as well have employees strip down naked and their bum holes checked as well when they enter the workplace. A bit like prison.

You can cameras these days the six of a thumb tack.

stefanovich · 13-02-2021 6:26pm

Bigfatmichael wrote: »

May as well have employees strip down naked and their bum holes checked as well when they enter the workplace. A bit like prison.

You can cameras these days the six of a thumb tack.

Some companies take their customers data and intellectual property seriously.

stefanovich · 13-02-2021 6:28pm

Bigfatmichael wrote: »

The GDPR stuff in this thread is complete and utter and not how real companies work.

How would you define a real company? Ones that ignore regulations and laws?

Bigfatmichael · 13-02-2021 6:28pm

stefanovich wrote: »

Some companies take their customers data and intellectual property seriously.

As most companies Do. If you can't trust your employees every company may as well close its doors.

The nonsense in this thread is unreal.

Working From Home Megathread

Comments