No announcement yet.

Visitors and your network

  • Filter
  • Time
  • Show
Clear All
new posts

  • Visitors and your network

    I hope this is being posted in the right place.

    I'm curious whether anyone here has some "Best Practices" in regards to consultants and guests accessing your network at your office.

    As of now, we only allow consultants / visitors to access our the internet via a wireless connection, that is on a different subnet than our main network. They have no company email address, access to our file server, remote access or ability to print.

    Consultants have recently launched some complaints as to how restrictive this is and they claim these policies and practices inhibit their ability to do work while at our office.

    We're a relatively small organization with about 60 employees so we have a modest budget that likely won't permit us to add much more hardware.

    Can anyone make suggestions or post best practices policies they may have in regards to this topic?

    Many thanks!

  • #2
    Re: Visitors and your network

    Unless they're IT consultants in to do work on the IT systems, then I would leave them as they are. If they need access to documents held on the servers, then they can login to a company machine with a temporary user account, or have a member of staff working with them.

    Ultimately this is something that management need to agree on and have it form part of the company policy.

    At my company, I ran things exactly the same way as you and made it clear to anybody that complained that while they're working at our site, they're expected to comply with the company's policies.

    If you're using Windows Server for DHCP, you might want to look at this to prevent unknown machines from being assigned an address, should one of them decide to ignore you and plug in to the network. If you have proper structured cabling, you should also disable any ports which are not in use. Or wire them up to the mains, your call
    Gareth Howells

    BSc (Hons), MBCS, MCP, MCDST, ICCE

    Any advice is given in good faith and without warranty.

    Please give reputation points if somebody has helped you.

    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.


    • #3
      Re: Visitors and your network

      Originally posted by DKNUCKLES View Post
      Consultants have recently launched some complaints as to how restrictive this is and they claim these policies and practices inhibit their ability to do work while at our office.
      Have they given any examples of what they need and why? We also have a similar setup for several of our customers with Wireless Guest access and haven't had anyone complain. Personally I'm not letting anyone onto a network I support with out them being an employee or without A: Good reason and B: Senior Management approval. As gforce said as well, make sure they are fully aware that they must read and comply with your acceptable use policies.
      BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
      Cruachan's Blog


      • #4
        Re: Visitors and your network

        Thanks for your feedback, it's greatly appreciated and it's good to know that we're making smart decisions.

        I believe the reason that they're a bit upset about the lack of access is because at one point they had access to all the things I listed they don't have access to now (this was before I was responsible for the network). We had a bit of an issue with a consultant sending out proprietary information and now we've cut all access off.

        The ones with issues are the ones that we've had around for a while and previous had work saved on our drives.