I’m a consultant and on occasion, I have to be on-site at the client. The problem is, some corporations are completely psychotic about security. Unfortunately, it’s not for the right reasons. It’s usually to protect themselves. They look at everything you do, every email you send, every website you browse, and pretty much monitor your every move. God! It sounds like big brother right? You need to remember that there will always be one or more persons in each environment (customer) that is trying to hide something from you and has pegged you as the enemy, because you (as a consultant) wield the power to dismiss them. (at least that’s the case with me). People are a product of one thing; the desire to get more power or money even if it means stealing from their employer.
They don’t want their dirty laundry aired out and they sure as hell want to catch you and get the inside scoop on everything you’re doing and everyone you’re speaking to. They also want to see what you’re saying and what you’ve found.
I have a knack for finding the skeletons in every closet. Don’t know why, but I do. So there are a few rules I abide by.
1. Tell your customer contact (who you report to) usually, in my case, it’s the CEO or chairman to get a personal email account outside of the corporate email structure. This is how we’ll communicate securely and fashion the emails we want to document properly.
I use a VPN for EVERYTHING I do inside the corporate walls. End of discussion. I don’t play that game. I don’t like people knowing what I’m saying except to who I’m saying it to. I tell the CEO that I am indeed using a VPN for email communication and if they approve. Most will tell me yes.
So, I have an OpenVPN setup to my person VPN server that encrypts everything I do from the company on out.
Remember, most incompetent technology people (I say most) have no clue about encryption. This is a good thing. They have no idea as to how to deal with the tunnels, etc.
Are they proxying? fine.. let them proxy.. My VPN gets through their proxy and keeps my info secure.
So do yourself a favor and get yourself a VPN that you can activate at a whim. This keeps your communication and everything else you do secure.
Most if not all corporations don’t have Deep packet inspection technology. For one reason, they don’t have it in their budget. For any other, there’s no reason they could possibly come up with one to explain buying the technology *which runs in the hundreds of thousands of dollars*..
Do yourself a favor.. spend the money and get yourself a VPN you can activate from your laptop.. It’ll make you a more effective consultant and keep the enemies at bay. Remember, you were brought in, because people weren’t doing their jobs.
There are a few things to remember:
1. People fear consultants. They have jobs and they fear losing them. Give people a chance. Usually it’s not sheer incompetence, but the fact that they don’t have the resources or training they need. **REMEMBER THAT**
2. The only reason to recommend that someone be let go is because they are stealing or clearly not being helpful in the least bit.
3. HELP PEOPLE WHEN YOU CAN. If you help someone succeed, you will have gained a friend and a friend in the industry is a very powerful thing. You never know when someone will be in the position to recommend a consultant and you’d love to be on the top of the list.
4. The best solution is a WIN-WIN situation. There is always one to be found. It’s just a matter of finding one.
5. I have in my entire consulting career only let 3 people go. (For theft in all cases). Everyone else just needed the resources to succeed.
6. A good consultant is not a firing consultant, but one that helps your customer and their employees succeed. Blood-Letting is NOT the solution.
1 thought on “Corporate Privacy as a consultant”
Thanks for the auspicious writeup. It in fact was once a amusement account it. Glance advanced to far added agreeable from you! However, how can we communicate?