JP Morgan Chase has told staff moving into its new headquarters in New York that they must share their biometric data to access the multibillion-dollar building.
The investment bank had previously planned for the registering of biometric data by employees at its new Manhattan skyscraper to be voluntary.
However, employees of the US’s biggest bank who have started work at the headquarters since August have received emails saying that biometric access was “required”, according to communications seen by the Financial Times.
If you can connect to the company vpn from the companies WiFi, they’ve configured their networks wrong.
Some companies do “internet only” wifi where there is no routing to internal services for anyone, radius or not. A VPN is required, even when at work, to access anything internal wirelessly. Its a perfectly reasonable config that lowers the risk of breach of your internal network by exposing less of it over the air.
This is also the nominal config for most zero trust networks, but that’s more a consequence of the “always on” nature of those VPN connections since you never have unencryted traffic anywhere, regardless of origin point.
Yeah that’s a good point. I work in a space that’s still very much traditional networks with tiered enclaves accessed by strictly controlled company owned machines, so I tend to forget that zero trust networks and being your own pc places exist tbh.
Our servers are in a data center and not in the office building. We work remote most of the time and are only in office for important meetings and other things where it’s just easier to work together when sitting on the same table. If you don’t work with confidential data like HR or top management where you have physical things nobody else should see, you don’t have a personal desk because there are more people working than workplaces.
So the office is just “another place to work”. Wifi and LAN are just for internet, you can’t access internal services without VPN. Makes it way easier to manage instead of having to different routes to maintain.
Not quite like that. There is an internal wifi that I can’t get onto, and a public “guest” wifi that half of the tech staff uses and VPNs from.
Basically the protected wifi only really works on locked-down windows machines, and those aren’t usable for most developers. It’s mostly mac and linux there, and while the protected wifi is supposed to work on those, the IT staff don’t know how.
Ah. That makes more sense.
I’ve worked in IT since we used Netware with Windows 3.1
While I totally get what’s being said, it still makes me chuckle.