Home
Join
check
  • This seems to be a concern for management, security and IT.  Why does HR have any say in this?  Why is senior management not overseeing the company?

    Pepper graySpice (107) flagReport
    Was this post helpful? thumb_up thumb_down
  • View Best Answer in replies below

    140 Replies

    • I have one customer that Engineering does not want to be on the domain.  "I just don't want my PC controlled by IT".  Or "I hate domain control of my PC", since a couple of them are software developers, those are the biggest complainers.  I just had a talk with the CEO about Security and now they are on the domain.  I think you need to bring up security to them and how you can control outbreaks if they follow the domain policies.  I have never seen an employee that did not need access to an internal server.

      Do they not need Virus scan either??   Do they not need Malware protection??  It kinda falls under the same category of those. 

      Pepper graySpice (33) flagReport
      Was this post helpful? thumb_up thumb_down
    • This seems to be a concern for management, security and IT.  Why does HR have any say in this?  Why is senior management not overseeing the company?

      Pepper graySpice (107) flagReport
      Was this post helpful? thumb_up thumb_down
    • Small company, 4 managers, 1 IT person, and 1 CEO, 1 president.   HR is one of the Managers.

      Then about 40 employees under everyone else.

      Pepper graySpice (7) flagReport
      Was this post helpful? thumb_up thumb_down
    • I asked about it again, and basically was told, Find out if our Cloud based email and drive storage is under the scope of our compliance audits for Soc, if they are then it would go on the domain, else it would not.

      Pepper graySpice (1) flagReport
      Was this post helpful? thumb_up thumb_down
    • I guess the question should be, or said. If any of these systems contain, transmit, or used to make a statement about financial health then they are in scope of an audit. 

      I'm sure if you are going to SOC compliance you will have a consultant that you can bounce the question off from. If you are doing this all with internal resources... Well, I wish you well. 

      Pepper graySpice (13) flagReport
      Was this post helpful? thumb_up thumb_down
    • George1421 wrote:

      I'm sure if you are going to SOC compliance you will have a consultant that you can bounce the question off from. If you are doing this all with internal resources... Well, I wish you well. 

      This is a very good point here.  Internally you are just viewed as the "IT guy" who may or may not know what he's talking about.  Now typically you don't have access to a consultant since those are billable hours.  How do you get funding for such consultation?  You can pitch it to management thusly -- "We don't know what we don't know.  We can wait until we get our first official audit.  And I can pretty much guarantee you it will be ugly."  At this point, depending on the internal company culture, you could make a comment about placing a bet on that last statement in Las Vegas.

      And you know what?  They could be totally fine with busting that first audit.  After all, it shows room for improvement and the next should indeed be better.  And that (from my perspective) is typically the case.  The overall guidance is usually so broad and sweeping that it's rarely totally actionable.  So you're pretty much at the mercy of the auditor and his/her interpretation of the existing guidance.

      But then again, you're likely to be on "the pointy end of the stick" when it comes to fixing a lot of the action points.  Such is the life of an IT guy. 

      Pepper graySpice (5) flagReport
      Was this post helpful? thumb_up thumb_down
    • We do have consultants, for it, but I am the sole it internal security expert.  I pretty much know what the requirements are because ive been though about 10 of these audits with other employees.  But im sure as with all the other changes i've requested, I'll have to have the consultant say its required or needed.

      Im also not just allowed to ask them a question, It has to go though billing approvals and such to get the answer.  Figure 1 question is a billable half an hour.

      Pepper graySpice (3) flagReport
      Was this post helpful? thumb_up thumb_down
    • I might suggest showing them a nice little diagram of how it would work to configure systems and users without a domain then with a domain, and if they plan to do any expansion down the road, it wouldn't be a nightmare.

      Perhaps plead with your sanity at stake.  "Do you want me to work 20 hour days, or 8 hour days? How much can you afford to pay me, and how much do you want me to be able to see my family?"

      No domain might result in IT personnel going postal... seriously I think I might apply to be a mail carrier...

      Pepper graySpice (5) flagReport
      Was this post helpful? thumb_up thumb_down
    • brianfulcher wrote:

       They are fearful that I the almighty Admin could steal other employees confidential Data.

      Start with explaining you don't need AD to steal their data, then move to explanation AD is not for controlling data on machines, it's for controlling OS and users. Explain it increases security by enforced password policy, let's you spot unauthorized logins, and so on. You can also impute they wouldn't want AD only if they have something to hide. Maybe they have :)

      brianfulcher wrote:

      To take it a step further, I asked what about backups of our company contracts.  and such, i was told they are all in a fireproof safe, or in the google drive cloud.
      Fireproof safe? Wow, I'd like to know technology behind this.
      Let me guess - they keep data on Google Drive unencrypted?

      Pepper graySpice (28) flagReport
      Was this post helpful? thumb_up thumb_down
    • As Scott indicates, this is a management issue. However, one area that IT generally needs to improve is in communication to other non-IT people. See this as such a chance. It's all about how you pitch it to them.

      Just because their PCs are on the domain, does not mean that you would have access to their equipment. In fact, you can highlight that with the PCs connected correctly, they could be even more secure, by specifically denying non-HR staff access to their data.

      Being on the domain means that you can manage updates, printing sessions, AV, etc. etc. which will all help to keep them more secure.

      Sales 101; find out what their concerns are, turn it around and show them why your solution will address those concerns.

      Pepper graySpice (11) flagReport
      Was this post helpful? thumb_up thumb_down
    • Risk issue.

      Outline the details in writing, send it to leadership, and act accordingly.  Have seen places where they had to have 3-5 rotations of people in similar positions leave the company in short order due to issues as described.

      Pepper graySpice (6) flagReport
      Was this post helpful? thumb_up thumb_down
    • Has anyone not mentioned an NDA? 

      Pepper graySpice (4) flagReport
      Was this post helpful? thumb_up thumb_down
    • Who has set up these computers? Did HR set these computers up, or did IT set these computers up?

      Have they been advised that unless they install and configure the PC's themselves, then IT have access to their PC's anyway (via network and admin password) anyway?

      Also, they trust google drive over their own IT dept?

      Pepper graySpice (14) flagReport
      Was this post helpful? thumb_up thumb_down
    • DR!  Fireproof safes normally have a max 60 minute rating for data, have you made them aware of this?  and sensitive data in the Cloud, don't get me started with this!

      Pepper graySpice (8) flagReport
      Was this post helpful? thumb_up thumb_down
    • The most important thing is that you have the management on board with this as it is a security issue to not have the computers in the domain. They use the same LAN connection to the world wide web as the domain computers and probably use the company's DHCP server to receive an IP address. If they don't want to cooperate remove them from the network and create a complete separate network with a direct line to the outside world, and let them sign a paper that says they are no longer the IT departments problem and they have to manage their own computers etc. No support no anything. I'm sure they don't want that. No domain computer then no access to the company network as they are a security risk to the managed devices. 

      If a snoopy IT admin would like to see things he shouldn't he can always use a C$ share to the computer. All devices should be managed devices and of course you could give some of the devices users local admin / power user rights so they can do a lot more with the computer but they should be managed by the IT department.

      My former employer had a policy that a computer with local admin was allowed but when there are support questions there was a time limit of 15 minutes to solve the issue, if it could not be resolved within the 15 minutes the only option was a redeploy of the device. 

      If you need to be compliant then security is a hot topic so you have to make sure that is covered.

      You've probably signed a confidentiality agreement beside your contract, IT staff always see thing they are not supposed to see when they are normal employees so wee see and don't do anything with the things we see. 

      Data in a safe is not safe in case of a fire and sensitive data in the cloud on Google. Okay how about that of security.

      Pepper graySpice (11) flagReport
      Was this post helpful? thumb_up thumb_down
    • brianfulcher wrote:

      We do have consultants, for it, but I am the sole it internal security expert.  I pretty much know what the requirements are because ive been though about 10 of these audits with other employees.  But im sure as with all the other changes i've requested, I'll have to have the consultant say its required or needed.

      That was the point of mentioned to ask your consultant. When these small (mom and pop) companies don't trust their internal IT staff, they will typically trust an outside consultant [without question] when they are paying $200 per hour for their advice. 

      Pepper graySpice (8) flagReport
      Was this post helpful? thumb_up thumb_down
    • Bit of an intractable one there, if you've been tasked to make the company compliant then either you do it and put everyone on AD or you go back to the head honcho and tell them that HR are going to handle it all as they know best.

      Pepper graySpice (4) flagReport
      Was this post helpful? thumb_up thumb_down
    • Here is Microsoft's official opinion on Active Directory best practices.

      https://msdn.microsoft.com/en-us/library/bb727085.aspxOpens a new window

      If you want a business use case from a Networking stand-point. Cisco makes some good points.

      http://www.cisco.com/web/about/ciscoitatwork/business_of_it/active_directory_migration_web.htmlOpens a new window

      And if you want another system administrator's opinion on the subject:

      (Excerpt from

      https://serverfault.com/questions/576803/does-it-make-sense-to-use-windows-active-directory-in-a-sma...Opens a new window)

      Text
      I don't see having Active Directory (AD) as adding complexity. Rather, I see it as making administration easier. I see the functionality that it enables in the client OS as being a major tool to allow for smooth future growth and replacement of computers.
      
      From a cost perspective, there are very low cost versions of Windows Server (2012 R2 Essentials currently fills this niche) that bring a lot of nice tools to bear on small networks for not a lot of money. For small environments you don't have to mess around w/ CALs, too.
      
      Speaking about this in a "bigger picture" view, where Active Directory is just part of a feature set that a dedicated server computer and server OS can provide, I see a lot of advantages.
      
          Active Directory gets you single-sign-on, Group Policy, and the ability to create authorization schemes using Security Groups that will easily transcend employee turnover. In small businesses, in particular, a good permission strategy revolving around AD groups assigned to employee roles has enabled me to easily handle "Bob now does John's job" type situations (which seem to crop up more frequently in small businesses than large, in my experience) very easily.
      
          Having WSUS is great. Oh, boy, I like having WSUS.
      
          Did I mention Group Policy? Folder Redirection? Roaming user profiles? Oh, how I love stateless (or nearly so) client computers and the ease with which I can factory-reload a failed PC or replace a computer. Having users able to logon to any client PC and have basic functionality (client-side apps non-withstanding) turns "drop everything" emergencies into mundane service calls.
      
          I like having a "real" server to handle infrastructure protocols like DHCP and DNS (versus some wonky toy "servers" built into a consumer-grade Wi-Fi router, etc).
      
          Security auditing is much, much easier in an environment where centralized authentication and authorization are present.
      
          I'm a bit partial to the PC backup functionality in Windows Server 2012 Essentials for very small Customers where otherwise getting them to spring for a couple spare PCs to be used in a "hot desk" capacity in the event of PC failure is too much for them to spend. It's kinda hokey, and I would prefer not to backup anything on client computers at all, but the time savings in small shops where client computer standardization is nonexistent is hard to argue.
      
          The business might get value out of other bundled applications that the server could host like, say, SharePoint.
      
          Offering users remote access through Routing and Remote Acess Services or Remote Desktop Gateway.
      
      I like having an on-premise Windows Server with Active Directory in environments where there are Windows client computers. It makes my life easier and ends up costing my Customer less money, in the long run, than trying to "herd cats" by managing a fleet of non-domain-joined PCs.
      

      • local_offer Tagged Items
      • Tag by BF15BF15
      Pepper graySpice (14) flagReport
      Was this post helpful? thumb_up thumb_down
    • Seems to me that having the systems on the domain and backing them up on the company network is a must for ANY compliance. That is company data, it needs to be protected. What if those workers leave the company and have not uploaded documents regularly? I would say having everything in Google Docs or other cloud service like Box, etc., would not pass compliance either. I know there are HIPAA concerns using them here in the states.

      Pepper graySpice (6) flagReport
      Was this post helpful? thumb_up thumb_down
    • Document the fact that you have had this discussion with the powers that be and were told what to do against your recomendation.  Then it is on their shoulders.  If management does not want to do anything about HR, it's on them.

      Pepper graySpice (6) flagReport
      Was this post helpful? thumb_up thumb_down
    • As JoshECC pointed out, if they REFUSE to join the domain, document it, at least in e-mail. Because if you fail the SOC audit or anything bad happens, guess who's going to be blamed...

      Pepper graySpice (4) flagReport
      Was this post helpful? thumb_up thumb_down
    • As several others have stated, Senior Management buy-in and support is critical for any of these compliance programs, regardless of how the technology is ultimately applied. It's one of the first principles of any ISO implementation program.

      It takes planning though. You've been told you need to make the company compliant with a standard, so that is your first prop: in order to grow/build/stay in business, you need to ensure compliancy with this standard. Compliance is never a "pick and choose" thing, it's across the board of all affected and interoperating systems, departments and process. No weak links or non-players. Plan that out, and once you're satisfied that you've covered all the technical bases as far as "how" is concerned, it becomes a marketing job with the board (or the most senior person who is actually *responsible* for ensuring compliance). Once they're bought in, you're golden. Have regular meetings, especially early on, to keep everyone informed of progress and actions.

      (Aside: the second principle of most compliancy implementation programs is Continual Improvement, so get some basics together (like a document control process), then document your CI process, then do some more work on the other stuff. Bingo - immediate CI results from the start!)

      It helps to get RACI matrices dialled in early, and ensure that they assign appropriate responsibilities to appropriate people: HR may be resisting, but if they are (correctly) responsible for implementing and managing certain processes that apply to their department, their ability or failure to do so a) doesn't reflect on you and b) demonstrates clearly to the bought-in management that they are or aren't playing their part in gaining compliance. That is usually enough to make people play ball.

      And no, I don't think any of the main compliance programs consider duplicate copies in the cloud or on another laptop worthy of the name "backup". If it's a proper, managed cloud backup solution maybe, but not just dropped in someone's Google Docs drive.

      Was this post helpful? thumb_up thumb_down
    • One important question is: if they're backing things up to Google Drive Cloud - who's login are they using & what happens if that person leaves the company?

      Pepper graySpice (7) flagReport
      Was this post helpful? thumb_up thumb_down
    • I'll point out something that happened here where I work.   One of our employees went rogue and was asked to resign.  She wiped all her data, and was less than forthcoming with some of the websites she had stored stuff on.   What happens if one of your HR staff does the same?  I'm going to guess your business using the personal Google Drive accounts and not a business version, which means you have 0 access to whatever is stored on that drive account.  Hopefully you are using the business version of Drive, so you could at least get access to those accounts if somebody should leave.

      Pepper graySpice (2) flagReport
      Was this post helpful? thumb_up thumb_down
    • I have received push back over users who forget it is not their PC but company property.  If it is a crucial issue (like this one), I drop making any IT related arguments.  If you continue down that path, you will only annoy the user and cause yourself aggravation.  I suggest using a different tact.

      Look at the SOC compliance requirements.  Find the specific requirements from the SOC website and print them out or make a PowerPoint presentation out of them.  Make sure you include graphs, management loves graphs.  Give the exact reason those machines need to be on the domain to be compliant.  At the end of the document I would add some horror stories of non-compliance.

      If you go this route you are no longer the PITA guy pushing for change, now Uncle Sam is the bad guy and you are just the messenger.  If they don't do what the Federal government tells them, it leaves the company open for litigation.  Manager's pucker factor goes to 11 once you start talking about lawyers.

      Pepper graySpice (2) flagReport
      Was this post helpful? thumb_up thumb_down
    • brianfulcher wrote:

      Was told by HR who is the only person allowed to speak to the consultant, that they will reach out to them via email and ask them if our cloud storage falls under the scope of their audit.

      Very interesting... (I know what I'm saying and I've been in your shoes a few times in my career), but why they hell is HR the interface to the consultant for SOC(s) compliance? I could understand the finance manager, or even ICT manager.

      I say this with some delicacy. The people that are balking at connecting to the domain and following established best practices, will be asking an outside party and then filtering the information back to the company. I think there is a level of trust missing in this business arrangement between you and your employer. I understand working for a small business (especially family owned) and the politics involved. You must tread lightly here. If compliance, credibility and trust start to become an issue start to look elsewhere for employment.
      Pepper graySpice (6) flagReport
      Was this post helpful? thumb_up thumb_down
    • We are using apps for work, and have 2 factor enforced, and restrict them from having publicly available files.  But none of this at all restricts them or any other employees from being able to download their cloud data to their personal, or non domain workstations.

      Was this post helpful? thumb_up thumb_down
    • As was said above, 

      Dig out the rules for compliance, summarise them to be palatable to the Management and present your case.

      HR are a department of the company, not the company.

      Management handle HR, You handle compliance.

      In this instance I think your job is to assist Management with the proper arguments they need to manage HR.

      These type of situations often arise from a lack of information and a fear of change. If you can present a confident demeanor and simple facts this should help you get the Management to manage the HR department.

      Pepper graySpice (2) flagReport
      Was this post helpful? thumb_up thumb_down
    • brianfulcher wrote:

      apparently the HR manager which is the sole hr employee also wears the hat of finance manager

      Those are the best kinds. ::dry heave::
      Pepper graySpice (1) flagReport
      Was this post helpful? thumb_up thumb_down
    • Instead of beating your head into the wall on this, document their stances and head into compliance audit.  And when they fail, address the failures.  For the "Internal Security Expert", they clearly don't care about your stance.  Unfortunate but all too common in the small / medium business ego-sphere.  So, document what they think is their required stance, and put them to audit.  When they fail, they can deal with it.

      Pepper graySpice (3) flagReport
      Was this post helpful? thumb_up thumb_down
    • Thomas0311 wrote:

      brianfulcher wrote:

      apparently the HR manager which is the sole hr employee also wears the hat of finance manager

      Those are the best kinds. ::dry heave::

      yea its a bit like me,

      I wear the had of Desktop support, Network Engineer, Network Architect, Server Admin, Security admin... and on and on... basically everything other than programming or DBA

      Pepper graySpice (1) flagReport
      Was this post helpful? thumb_up thumb_down
    • Also, I think it's terrifying that any company hires an IT admin and then doesn't trust them! I can kind of understand that, for something as important as compliance, they might want to have someone in management who runs the project, but refusing to work with their own IT person shows how little understanding of IT they have.

      Yes, as with any person in any department, there is the possibility that your IT guy might be a bad apple. But they clearly don't understand that the nature of the IT Admin job is one of supreme, ultimate but largely hidden power that HAS to be held responsibly. A flick of a switch, malicious or innocent, could destroy the business, and if they don't inherently trust the person holding those keys then something is very wrong.

      Pepper graySpice (4) flagReport
      Was this post helpful? thumb_up thumb_down
    • Once the computers are in the domain, it is easy to track who access resources there through the network using the servers logs. On the other hand, joining them to AD creates more access control.

      Pepper graySpice (1) flagReport
      Was this post helpful? thumb_up thumb_down
    • Unless you get them to agree with the point of having proper security then the people with the highest security risk are the ones with the lowest security. 

      Was this post helpful? thumb_up thumb_down
    • If they are worried about other people having access to personal data google cloud is probably not the best place for that data.  And storing that data locally on a PC is easy to hack and get to.  Just show them how easy it is to hack a local computer and find that data really is.  Computers on a domain are much harder to hack and steal data.

      Was this post helpful? thumb_up thumb_down
    • Shoot them the sections of the compliance standards that covers this in email, and move on to the next part of your compliance.  When you have nothing more then these computers to cover, hit them up again and make sure they understand they are the only thing standing between compliance and non compliance.

      You also have to accept that it might take a failed audit to get people to take notice and realize you are not just trying to steal all the things.  If you can find some horror stories of people who failed the audits for similar reasons, might give them a little push (had to do this for a MS audit, company didn't want to get compliant, did an internal audit, figured out how much they were behind and added some fear factor numbers based on others saying what they got hit for.  Amazing how fast that PO got approved.  I don't think the email had finished transmitting.)

      Was this post helpful? thumb_up thumb_down
    • HR has no say. This is between you and upper management, if they don't go with it despite all the reasons why domain joined pcs are a good thing because some fuddy duddy in hr doesn't want you having greater control over their pcs then they either are stubborn or have something to hide. 

      Was this post helpful? thumb_up thumb_down
    • Preliminary answer:  Tell them they're effing stupid and let you do your job....

      My reply now that I've read:  How are they reaching the internet? Are they connected to the infrastructure? If they are, tell them they're already on the network and what you want to do is simply make it easier to manage the computer (e.g. install updates, provide remote support, etc)

      Take the voodoo portion of the convo out of it. Don't tell users you need to add them to the active directory domain, they don't know what the means and, more importantly, they don't know what that means for them. I would say, "hey, I need to make a change to your computer. Can we schedule a time? You should not notice a change.

      Just wondering...how are you managing user accounts if they aren't on the domain?

      Pepper graySpice (1) flagReport
      Was this post helpful? thumb_up thumb_down
    •  

      Scott Alan Miller wrote:

      This seems to be a concern for management, security and IT.  Why does HR have any say in this?  Why is senior management not overseeing the company?

      Exactly what I was thinking. I don't get how HR even has a voice in this matter.
      Pepper graySpice (4) flagReport
      Was this post helpful? thumb_up thumb_down
    • one never access's anything internal becuase hes remote, the other connects to our guest wifi, which restricts data between our internal network, and the wifi network, but they go outbound though the same firewall and ISP.

      Was this post helpful? thumb_up thumb_down
    • I would just state that been non-compliant puts the company and data protection at risk. In addition you cannot be expected to support a non-compliant business function.

      End of the day you can have them on the domain but still logging on locally so they will never know!

      Pepper graySpice (1) flagReport
      Was this post helpful? thumb_up thumb_down
    • Let HR have a voice in IT when IT has a voice in HR ! I could find a few that shouldn't be in the Domain by way of being fired by putting the company at risk.

      Pepper graySpice (1) flagReport
      Was this post helpful? thumb_up thumb_down
    • brianfulcher wrote:

      one never access's anything internal becuase hes remote, the other connects to our guest wifi, which restricts data between our internal network, and the wifi network, but they go outbound though the same firewall and ISP.

      Go to yoru boss and tell them the situation. "To be compliant, we need to add these machines to the domain. They're saying they don't want me to do it. This is why I think we should do it anyways: x, y ,z. Can you please assist/advise?"

      Was this post helpful? thumb_up thumb_down
    • This is how the conversation should go down.

      "You work in HR, your opinions are invalid."

      On the real, HR is not IT and they have no idea what best practice would be. 

      Pepper graySpice (4) flagReport
      Was this post helpful? thumb_up thumb_down
    • why don't you just update the firewall solution 'to prevent unauthorised access' so that all access need to be authenticated by an AD account, the effort of having the enter a password to get onto the internet for every session might make them beg for the single sign-on capability of linking the company PC they use to the domain.

      get approval from the CEO beforehand of course

      Pepper graySpice (2) flagReport
      Was this post helpful? thumb_up thumb_down
    • brianfulcher wrote:

      I'm tasked with getting our company Soc Compliant.  Im getting some resistance when i told Human Resources that their Systems need to be on our active directory domain.  They are fearful that I the almighty Admin could steal other employees confidential Data...

      If these computers are connected to your network in any way at all, you already can hypothetically "steal" their data. I'd get the owners onboard and explain to HR that they have to trust IT with their info (I.T. does stand for "Information Technology," after all), just as you and everyone else at the company trusts them to manage human resources. At the end of the day, HR is not capable of properly managing and securing data because it is *not* their job, it's yous! To me, it's really that simple.  

      Pepper graySpice (4) flagReport
      Was this post helpful? thumb_up thumb_down
    • ...They are fearful that I the almighty Admin could steal other employees confidential Data.

      ....To take it a step further, I asked what about backups of our company contracts.  and such, i was told they are all in a fireproof safe, or in the google drive cloud.

      They trust a resource that they have NO control over, but not their 'almighty Admin'...

      I would be looking for another job...


      Pepper graySpice (5) flagReport
      Was this post helpful? thumb_up thumb_down
    • brianfulcher wrote:

      one never access's anything internal becuase hes remote, the other connects to our guest wifi, which restricts data between our internal network, and the wifi network, but they go outbound though the same firewall and ISP.

      That's still your (read: the company's) infrastructure. More to the point, if company data is being backed up anywhere, it needs to be documented and it needs to be available. Does your company not use email? What is the point of having computers if they don't need them to hit any "internal resources"? The fact that the company owns the machines makes them "internal resources"...

      We have employees that do not visit our office more than maybe once a year, but their machines are all on the domain - password reset policy and all. You're mitigating risk by adding the control, but you already know this (and likely everything everybody else has said); it's going to be a slow burn for SOX compliance, at least it was in my case, so just keep doing what your doing. Congrats on going public/being swallowed by a public company!

      Pepper graySpice (1) flagReport
      Was this post helpful? thumb_up thumb_down

    Read these next...

    • Simple command to monitor Windows 10 temperature?

      Simple command to monitor Windows 10 temperature?

      Hardware

      I feel like this has probably been address before, although I was wondering if someone is aware of a simple command I can run to report the internal temperature of a Windows 10 PC?I think all computers monitor the temperature, although I've only found thi...

    • Remote access to DVR?

      Remote access to DVR?

      Security

      Hi!I have an older Hikvision DVR that I need to provide remote access to. The users would be mainly accessing it from their smartphones. I tested their software, iVMS, by assigning one of my public IP's to the DVR and it worked fine. However the issue is ...

    • Snap! -- Survival Kits, Forest Bubble on Mars, AI Movie Plots, Leprosy & Livers

      Snap! -- Survival Kits, Forest Bubble on Mars, AI Movie Plots, Leprosy & Livers

      Spiceworks Originals

      Your daily dose of tech news, in brief. Welcome to the Snap! Flashback: Back on December 6, 1907, Mathematical Logician J. Barkley Rosser Born (Read more HERE.) Bonus Flashback: Back on December 6, 1998, International Space Station assemb...

    • Spark! Pro Series - 6 December 2022

      Spark! Pro Series - 6 December 2022

      Spiceworks Originals

      Today in History: 6 December 1240 – Mongols led by Batu Khan occupy and destroy Kyiv after an 8 day siege; out of 50,000 people in the city only 2,000 survive 1849 – Harriet Tubman escapes from slavery in Maryl...

    • The most boring but interesting Phishing Attempt I've seen

      The most boring but interesting Phishing Attempt I've seen

      Security

      Hello There,We've recently had a phishy email come through to one of our employees with an attachment to something work related. But here's the interesting part: The email was spoofed. When checked, the address was that of our own domain, however the emai...