sharing office space with another company

N

nowwhatnapster

Limp Gawd
Joined
Aug 9, 2009
Messages
406
Anyone ever dealt with the merging of two companies into one office space? The company I work for is potentially moving into another companies office space on a sublease. The other company is moving the majority of their operations to a new location, but as they still own the lease they intend to leave 1-2 employees at this location.

Not sure the best way to approach this.

Should I push to make them pay for their own internet/phone service and maintain their own network?

or...

Should I offer to invest in a managed switch and set them up with an isolated vlan?

Any insight from past experience with either scenario would be greatly appreciated.
 
The problem in those scenarios, is what Monkey God said. Can you offer enough bandwith ? Can you offer support ? Do you have security regulations and policies ? Will they comply to those security policies ? You have to draw a clear line about infrastructure managament because it can be a nightmare. IE they will start buy computers and server without letting you know, give credentials to third parties, etc etc
 
Yeah, best is to have the other company deal with their own infrastructure if possible. Unless your business is what you propose to do, I'd separate services. Inter-office co-operation is cool, you can offer to be a good neighbor, but anything more is asking for trouble.
 
I'll agree with everyone else. There is an old saying that goes; "good fences make good neighbors". Help them if they need a quick hand and then get back to your side of the fence.
 
4 strikes for merging infrastructure. I guess that settles it.

Any thoughts on beefing up security? Ours is very relaxed. I was thinking of the following:
  • Keep network equip and server in a locked rack
  • Force every PC to lock after set period of time
  • MAC address filtering on firewall/router
  • USB port locking?

Should I request a list of devices they will be using/maintaining, or is that pointless since we are separate?
 
Pointless, and if you asked me in this situation, I'd probably bum-rush you out of my office. MAC filtering is a PITA, there are better ways.
Will other firm have physical access to workstations, server rooms, APs, etc?
Will equipment be left unattended (do you have a 24/7 operation)?
What value is lost if workstations/network is accessed by unauthorized persons?
What is your current setup? (Server OS, WS OS(es), APs Mfg and Model, details on other equipment.

If you just want to sound cool, what you said is fine. If you want an informed suggestion on security, you need to inform us.
If you don't have anything worth securing, security is kinda pointless.
If you are running a windows domain, I'd say teaching everybody Windows Key + L and enforcing it is fine for WS security.
For AP security, WPA2 w/ AES is fine, use VPN if you are paranoid, or RADIUS.
What router are you using now? check for any known vulnerabilities on your firmware.

If someone has physical access to your data, they can always just walk off with it. If you are just trying to discourage moochers and office hijinks, just about any thin barrier will work.
 
nowwhatnapster said:
Anyone ever dealt with the merging of two companies into one office space? The company I work for is potentially moving into another companies office space on a sublease. The other company is moving the majority of their operations to a new location, but as they still own the lease they intend to leave 1-2 employees at this location.

Not sure the best way to approach this.

Should I push to make them pay for their own internet/phone service and maintain their own network?

or...

Should I offer to invest in a managed switch and set them up with an isolated vlan?

Any insight from past experience with either scenario would be greatly appreciated.
Click to expand...

Does the existing company that is downsizing in that building have an existing IT infrastructure? Are they planning on leaving it behind?
 
RocketTech said:
Pointless, and if you asked me in this situation, I'd probably bum-rush you out of my office. MAC filtering is a PITA, there are better ways.
No doubt I would not make the cut. I have no formal training, but I am vastly more competent than anyone I work with which is why I have unofficially assumed the role of an IT administrator.
Will other firm have physical access to workstations, server rooms, APs, etc?
Yes, but I am hoping to at least restrict physical access to the server/network core.
Will equipment be left unattended (do you have a 24/7 operation)?
Yes, they will have a key to the building
What value is lost if workstations/network is accessed by unauthorized persons?
We handle card holder information and therefor must comply with PCI-DSS level 4 regulations. Data is stored locally on the server and 1 workstation but encrypted and password protected on both. Other important data like company financials are stored on the server. Very little sensitive data is stored on the workstations.
What is your current setup? (Server OS, WS OS(es), APs Mfg and Model, details on other equipment.
Server: Server 2008 with Hyper-V Server 2000, 8 workstations on XP Pro, 1 firebox X55e-wireless, un-managed gigabit switch, couple of IP printers, 1 wireless printer, but will likely make that wired when we move and turn off the wifi completely. This is all on a "Workgroup" not a domain.

If you just want to sound cool, what you said is fine. If you want an informed suggestion on security, you need to inform us.
If you don't have anything worth securing, security is kinda pointless.
If you are running a windows domain, I'd say teaching everybody Windows Key + L and enforcing it is fine for WS security.
For AP security, WPA2 w/ AES is fine, use VPN if you are paranoid, or RADIUS.
What router are you using now? check for any known vulnerabilities on your firmware.

If someone has physical access to your data, they can always just walk off with it. If you are just trying to discourage moochers and office hijinks, just about any thin barrier will work.
Click to expand...


shade91 said:
Does the existing company that is downsizing in that building have an existing IT infrastructure? Are they planning on leaving it behind?
Click to expand...
Yes they do. They intend on leaving part of it behind. They will have at least 1 workstation setup in the same room as our workstations.
 
I would create two separate networks, and I would treat their network as a hostile one(the internet). I would block all access to local resources and simply give them a piece of the shared internet connect bandwidth pie for a reasonable fee. If they dont like it, they can get their own. This way, you don't support their crap, their lack of security wont impact your network and if the internet goes down, you need to work on it anyways.
 
From your replies, definitely limit physical acess to the server. If it is secured in a lockable cabinet, be sure cabinet is properly secured- bolted down to the floor and/or wall. Weight is almost irrelevant with a decent hand truck.
Inventory and track any keys to secured equipment/racks- this is mostly CYA.
I'd suggest physical security on the WS with sensitive info. If you can't physically secure it (in locked office with limited access), I'd suggest locking it in with the server and using Remote Desktop on a dedicated VLAN or a KVM/IP, extra points for using a secure User Station (Raritan Paragon II Master with P2-EUSTC).
I'd suggest not connecting the Wireless AP(s) to your production CC LAN, but that is between you and your paranoia level. The biggest issue with WiFi is not necessarily that it is insecure now, but you can bet it will be insecure in the future. I'd suggest VPN over WiFi to access sensitive data, again mostly for CYA.
You'll get alot better security running a domain, mostly from the ease-of-management standpoint. I'd suggest upping to Hyper-V 2012 (It's Free), and get those XP boxes updated- support ends for them in a couple months. I'd strongly suggest upgrading Server 2K8 to at least 2K8R2, but you might as well go to 2012.
With an unmanaged switch, you'll have a flat network, limiting your options on separating networks. If your company has good growth potential, definitely plan some upgrades.

With the MACs, I didn't intend to insult, I just wanted to let you know I wouln't supply MACs of my equipment to another company. A firewall between you and them is a minimum; will separate their equipment better than a MAC exclusion.
 
tommyrick said:
I was told today that we are moving to something like WeWork/Regus in the next month or two & I am trying to get things together so that we are ready for when the time comes. Currently we have about 10 servers and quite a few spare monitors/desktops. All of the servers along with most of the spare equipment will need to go. Here are some of the things that I am working on right now:

- Move on-prem Domain Controller to Azure AD.
- Move File Server to Onedrive. Already using O365, so this shouldn't be too bad.
- Request for static IP if available so we can whitelist certain applications to be accessible from our space.
- Setup Firewall for just our network (wouldn't want anyone snooping on our network).

What are some of the things that I should make sure is thought of before the move? What else should I add to the checklist?
Click to expand...
Make a new thread... Necroing this one is pointless. The OP was made a decade ago and the author was last logged in 4.5 years ago ;).
 
tommyrick said:
I was told today that we are moving to something like WeWork/Regus in the next month or two & I am trying to get things together so that we are ready for when the time comes. Currently we have about 10 servers and quite a few spare monitors/desktops. All of the servers along with most of the spare equipment will need to go. Here are some of the things that I am working on right now:

- Move on-prem Domain Controller to Azure AD.
- Move File Server to Onedrive. Already using O365, so this shouldn't be too bad.
- Request for static IP if available so we can whitelist certain applications to be accessible from our space.
- Setup Firewall for just our network (wouldn't want anyone snooping on our network).

What are some of the things that I should make sure is thought of before the move? What else should I add to the checklist?
Click to expand...
But, make sure you have a backup solution to backup all those files from OneDrive, as MS is not responsible if you lose data due to their incompetance.
 
GoldenTiger said:
Make a new thread... Necroing this one is pointless. The OP was made a decade ago and the author was last logged in 4.5 years ago ;).
Click to expand...
No joke, I decided to pop in today and was just randomly scrolling through and saw my thread.

OP is alive and well lol

tommyrick said:
I was told today that we are moving to something like WeWork/Regus in the next month or two & I am trying to get things together so that we are ready for when the time comes. Currently we have about 10 servers and quite a few spare monitors/desktops. All of the servers along with most of the spare equipment will need to go. Here are some of the things that I am working on right now:

- Move on-prem Domain Controller to Azure AD.
- Move File Server to Onedrive. Already using O365, so this shouldn't be too bad.
- Request for static IP if available so we can whitelist certain applications to be accessible from our space.
- Setup Firewall for just our network (wouldn't want anyone snooping on our network).

What are some of the things that I should make sure is thought of before the move? What else should I add to the checklist?
Click to expand...

Yeah this in new thread stuff bud. But you got your work cut out by the sounds of it. You don't typically setup your own network in a wework office in my experience. Your security shifts from the network onto the endpoints. Migrate your servers to SaaS solutions and any legacy stuff that can't go saas you lift and shift into a public cloud.
 
You must log in or register to reply here.
Back
Top