Submitted by ravik_reddit_007 t3_11az9xi in technology
ButtercupQueen17 t1_j9vrenv wrote
Google: doesn’t have enough desks for all its employees
Also Google: NO YOU CANT WORK FROM YOUR COMPUTER AT HOME YOU HAVE TO USE OURS FOR SOME REASON!
TJ_McWeaksauce t1_j9ycn6e wrote
Forced return-to-office plus invading each other's personal space is sure to improve collaboration!
gatorling t1_j9xzydz wrote
This…isn’t true. Remote work is an option for most employees. The problem is that a significant number of people are deciding to work from office and then not actually using the desks. So you see entire buildings of empty desks. Google doesn’t want to continue leasing or building new offices just to house empty desks.
ZeroNine2048 t1_j9y0hbp wrote
The article states that they have to come in a couple of days a week and alternate
Jeremycycles t1_j9yba7m wrote
We did this at AWS when I was there 8 years ago and no one cared
Smith6612 t1_j9xeqqx wrote
>NO YOU CANT WORK FROM YOUR COMPUTER AT HOME YOU HAVE TO USE OURS FOR SOME REASON!
It's a compliance thing. Google can get into serious trouble with many governments for people using un-managed home computers. SOX, PCI, GDPR, you name it. Home computers are an excellent conduit for data breaches. From a legal standpoint, your home computer automatically becomes part of evidence collection if there is ever an investigation by the company. Sure there are resources like Citrix Google could use to let home computers be used... but maybe Google doesn't use that for reasons.
Feel free to disagree, but Google has their reasons. Forcing people to work at an office while taking away their desk is dumb. Forcing people to use company hardware, no.
Western-Image7125 t1_j9xtwx6 wrote
What rubbish. The work is done on laptops which ssh to a secure desktop which is housed inside the office. So what’s the difference between working from a conference room and working from home, when you’re on a laptop and sshing into a desktop to work either way? I don’t know much about networking but if this was an issue then they would have forced all of us to come back to office a long long time ago and not given us a laptop to bring home ever.
Smith6612 t1_j9yigfe wrote
The issue is with the way the program is handled on the computer side. For example if you have tattleware installed for malicious purposes, a keylogger, or something else of the sort, your SSH session may be secure going over the pipe, but information is being lifted from the computer through screen reading or keylogging, or clipboard reading. Just to give an example. SSH is also capable of a lot more than command line access - it allows networked file system access at a host to host level. Socket tunneling (you can use it as a TCP/IP proxy). It allows for remote execution of GUI programs through techniques like X11 forwarding. It also allows SSH proxying and bastion hopping as part of a connection sequence. All of this can allow for information to be copied and sent off to places it shouldn't be, and provide a hidden conduit to the corporate network. I've also seen malware on home systems used for ad injection which configures a SOCKS proxy on the system, installs a root certificate and other high trust files, and perform man in the middle interception of all traffic, including SSH. Unless the computer has a host fingerprint bundle being seeded and managed (which a corporate MDM could do), most people will blindly accept the malicious connection set by the malware's proxy, and now your SSH session is being intercepted.
What companies do to protect against both is use a program like Citrix, where you can see and use applications running on a remote system from any computer, but the software employs protections like the same DRM used to protect streaming video from screen recording and snooping by software. The software can be configured to prevent copy and paste clipboard data from crossing beyond Citrix. It can be configured to allow or deny access to certain file system resources or to prevent interactions with the program from devices which aren't directly attached. Lots of things, but companies find Citrix to be slow or rather high maintenance compared to issuing a laptop. For example, video meetings through Citrix would be a painful experience, and the video calling system might be guarded as a corporate secured resource, so the laptop ends up being a better solution. Software development, you can probably forget about that on Citrix because of how locked down the environment tends to be.
Western-Image7125 t1_j9yqiou wrote
Ookay that’s a very long answer which I mostly don’t understand, you’re probably correct in what you’re saying, but my general point is that it’s pretty unlikely that cybersecurity is the primary reason to bring everyone back to the office. If that was the case we would have received much much more stern commands to return to office or leave the company
Smith6612 t1_j9yxneh wrote
Yeah, the return to office part is a bit different from the situation of using a computer. Office space usage has to do more with companies looking at the finances, and asking why they're paying a lot of money for corporate real estate that isn't being used. Companies sometimes are bound by very long leases, legal agreements between a government and a company in exchange for tax breaks, and so on, and they would want to make sure those buildings are being used to the fullest extent possible. They have to maintain the buildings whether or not people use them, so that's a loss center. I'm certainly no expert in corporate real estate, so there may be a lot more tied into that.
At least from an IT perspective, it's easier to support someone in person if they have a hardware problem. Especially with the way modern premium laptops like Macs are built, where simplicity in design clashes with troubleshooting, and where tool requirements reach into the "probably not available at home" set. From an information security perspective, one can be more sure that information isn't being looked at by others when they're working at a secured office versus, say, a coffee shop across town.
Companies have their reasons at least. Some are dumb. Some are valid. Mandating work at an office and not providing a fixed desk to go to, pretty dumb in my opinion.
Western-Image7125 t1_j9yyyd7 wrote
The main reason I can think of is the companies want to justify the multibillion dollar office investments. And also the head honchos who have houses in Palo Alto and Los Altos don’t want their property values to decline
Smith6612 t1_j9z7rfy wrote
Haha, yeah I completely forgot about the housing values. I was looking at real estate in the Bay Area a few years ago when colleagues were trying to get me to move out there. I immediately noped out, and said those prices need to have a massive crash and come back to Earth before I consider something like that.
Revolutionary_Lie539 t1_j9yrk8e wrote
Im not sure why some Redditors do not want to use firm provided computers. Its insane. I have a firm laptop. Its awesome. I do WFH once per week. I guess some Redditors are shady.
Smith6612 t1_j9yyrz1 wrote
Beats me. The reasons I hear are because their home environment is set up the way they like and they don't want to recreate it. Or the work hardware is loaded with too much "spyware" / software which bloats it. Or they don't like the forced software updates. Or the hardware is too slow (when I usually argue within me that the software being written is inefficient), and so on, and so forth. Or they don't want to deal with two computers. I see it whether the work computer is some high end workstation or MacBook Pro, or some craptop.
ElectronicGate t1_j9y1shm wrote
No company with even half a brain would let you log into corporate resources without using a company issued computer. No one uses their home computer for that type of work.
Smith6612 t1_j9ygfiv wrote
Actually, you'd be surprised how often people try to use their home computer. Either because it's slightly faster, it's a nicer (more expensive) machine, or because to them, a computer is a computer.
It's an argument I've had many, many, many times with people in the corporate world. Technical controls and strong corporate policy go hand in hand to stopping that.
ElectronicGate t1_j9yqczp wrote
I'm sure there are exceptions, but most companies are going to use a certificate provisioning process tied to the device that is required for connecting to corporate resources. I agree with you that lacking this opens the door for someone to connect with an insecure device and create a whole series of compliance issues.
theneedforespek t1_j9xmx4z wrote
the work from home people don't wanna hear it apparently
Smith6612 t1_j9yim4j wrote
Pretty much... I hear it all the time when consulting.
Viewing a single comment thread. View all comments