Results 1 to 2 of 2
  1. #1
    New Lounger
    Join Date
    Apr 2012
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    SBS2008 setup for user who travels 50 percent of work time

    We have sales personel that spend 50% of the time travelling and other 50% in the office. What si the best way to set their users accounts in SBS2008 to accomplish the following:

    1) Have acces to their files 100% of the time
    2) Have the redirected folder on so we have their files backed up
    3) Files created during the time they are travelling being backed up as soon as they return to the office network

  2. #2
    Lounge VIP
    Join Date
    Apr 2011
    Location
    Scotland
    Posts
    1,168
    Thanks
    44
    Thanked 134 Times in 115 Posts
    Hello tonyromero, welcome.

    A couple of ways you could do what you need:

    You could setup VPN access through the gateway, configure the user account for VPN access and give the sales guys access to their network drives that way. However, that has security risks since you do not have full control over the security of the device that is connecting through the VPN and company data will leak outside of the network onto the local machine.

    Perhaps a better way is to install a terminal server. Enable roaming profile if not already done, and enforce strict authentication policies re passwords etc. Then enable the users to connect via RDP. This method has the advantage that data remains inside the network and is backed up using your existing methods. Group Policy can provide fine control over who has access to what. It relies on the TS being secure and your login policies being up to scratch so you should take proactive steps to make sure they are. For example, do not use the default RDP ports, make sure you patch the TS with the latest update from Microsoft so you are protected against the recently disclosed RDP vulnerability and enforce frequently changed complex passwords. There is still a risk that the client machine is infected with credential stealing malware, but frequently changing passwords goes some way to mitigate that. The client also has no direct access to the network, so data leakage would require a human factor - it may still happen, but training and your GPO's can help reduce the risk.

    /edit
    ...another thought: Remote Web Workplace (RWW) might do what you need. It should be more or less functional out of the box on SBS, but may need customisation depending on how your sales guys works and how & where the data is stored. Security is managed by the Server, so you still need to verify that is OK and you need valid SSL certs installed.
    Last edited by Tinto Tech; 2012-04-18 at 18:59. Reason: add in possibility of using RWW

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •