Removing users access from home

[wattmhite]

Hi All,

I have an employee that is stealing data when working from home from my companies database.

We currently run a server in our office which our users connect directly to during the day with our local network, then they can access our database from home using our servers ip address,.

Under security-users permissions, is there a way to allow the user to access the database while connected to the network directly in the office only but prevent him/her from accessing it from home?

[OlgerDiekstra]

Rather than trying to solve this with technical solutions, I'd suggest getting their manager/hr to sort this out. What makes you think they wouldn't steal whilst in the office? It's a bit more risky but no doubt there are plenty opportunities to save data unseen and transport it outta your network. Connecting to Tor is quite trivial, especially as it doesn't require installation. 

Rather than attempt to fight this with technical solutions, get rid of the problem. What you need to do is collect proof. And then hand it over to HR or their manager.

[Wim Decorte]

If you don't open the ports on your firewall then nobody can connect from the outside.

Alternatively, if you are using External Authentication and the provider allows it, you can limit access from certain machines only or during certain times of the day (AD accounts for instance allow for this).