Working Remotely

Welcome to the New York State Office of Information Technology Services (ITS) "Working Remotely" website. Working remotely is accessing your agency's network away from your primary workstation. This site contains resources to support individuals who may be working remotely and includes common troubleshooting tips.

Overview

Generally, the following must be completed before an individual can begin working remotely. If you have questions regarding working remotely, please discuss with your supervisor or refer to your Agency's policy.1

1.) Working Remotely Basics Online Training Course

All individuals are required to complete and pass the "How to Work Remotely" Online Training Course before beginning to work remotely. This course covers the technical aspects of working remotely and can be found in the Statewide Learning Management System (SLMS) using code ITS_Work_2019 or by clicking the link here.

2.) RSA SecurID Token

You will need an activated RSA secure ID authentication token to access programs such as the Outlook Web Application and Office 365 products including SharePoint, and to use Virtual Desktop Infrastructure (VDI). Additional information about RSA tokens can be found by clicking on the RSA SecurID Token button above.    

3.) Virtual Desktop Infrastructure

You will need to install the VMWare Horizon Client application to access your workstation remotely.  The VDI will provide you with direct access to network drives and agency-specific applications. Additional information about VDI can be found by clicking on the VDI button above.

Hardware

It is important to note that your Agency may not provide you with any additional hardware for the sole purpose of working remotely. Subject to agency discretion, participants may be permitted to use their personal devices, such as a personal desktop computer, laptop, tablet, and/or smartphone, to work remotely. ITS will not be responsible for any hardware issues that may occur on personal equipment because of the program.   Users are solely responsible for keeping their devices functioning at all times. The ITS Service Desk cannot answer calls and/or respond to tickets that are related to personal device hardware issues.


1Please note that individuals must be approved to work remotely and secure appropriate access prior to doing so.

RSA SecurID Token

RSA SecurID is a multi-factor authentication technology that is used to protect network services. The RSA SecurID authentication mechanism consists of an assigned hardware or software "token" that generates a dynamic authentication number code at fixed intervals. Users provide the unique number code when logging into a protected service from any network outside the State network.

For any questions regarding using RSA SecurID for working remotely, please discuss with your supervisor or refer to your Agency's policy.

RSA Training Videos

How to use the RSA Self-Service Console and Choosing a Token

Software Tokens

How to Request and Activate a Software Token

How to Use a Software Token

How to Log into Office 365 with a Software Token from a computer

Hardware Tokens

How to Request and Activate Hardware Token

How to Use a Hardware Token

How to Log into Office 365 with a Hardware Token from a computer

RSA User Guides

RSA Token Request Job Aid

RSA Quick Reference Guide

RSA Help Section

What is Multi-Factor Authentication (MFA)? 

Multi-Factor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login. 

What is a Token Passcode?

For a Software Token, your Token Passcode is the eight-digit number generated after entering your PIN on the RSA App. On your Soft token, the passcode refreshes every sixty seconds. If you have difficulty logging in after providing the passcode, ensure the correct PIN was entered. 

Your Hard Token generates a random, six-digit passcode every sixty seconds, also known as a Token code. Your Token Passcode is your PIN followed the Token code (the six random digits) from the Hard Token, with no spaces between them. 

How do I request a new token?

Log in to https://mytoken.ny.gov/ and request a new Token. You must mention that you are replacing your existing Token. You are only allowed one Token at any given time. 

Should I use a hardware or software token? 

Software tokens are the preferred method. Hardware tokens can become lost or stolen. 

I forgot my PIN, what do I do? 

If you forget or need to change your PIN, log into the Self-Service Console using your email address and password at https://mytoken.ny.gov/, then click "Change PIN". 

What is "Next Token Code Mode" and what do I do about it?

After entering too many incorrect passcodes, you may be required to enter a next Token code. If using a Soft Token, wait and then enter the next available passcode shown. If using a Hard Token, wait and then enter the next available Token code shown (random 6 digits). Do NOT enter PIN + Token code. 

I am locked out of my RSA Token account, what do I do?

Go to https://mytoken.ny.gov/, do not login. Click on "Troubleshoot SecurID Token". Enter your email address and answer the identifying questions. Upon submission of correct answers, your RSA account will no longer be locked. 

I lost/damaged my hardware token. 

Log into the Self-Service Console and request a new hardware token noting that the current one is broken or lost. If broken, send to: 

RSA Enterprise Platform Admins 

WA Harriman Campus Bldg. 8 Room 331 

Albany, Ny 12227. 

Where do I return my RSA token? 

RSA Enterprise Platform Admins 

WA Harriman Campus Bldg. 8 Room 331 

Albany, Ny 12227.

Virtual Desktop Infrastructure (VDI) 

Virtual Desktop Infrastructure (VDI) is the practice of running a user's desktop inside a virtual machine that lives on a server in a data center. All profile settings, installed applications, and the operating system are stored and managed centrally. Centralized desktop images, applications and files make data security more manageable, regardless of whether an employee is accessing the virtual desktop from within the state network (at their work desk) or while outside the state network (e.g. from a home Internet connection or a Wi-Fi hotspot). Files should be saved to network drives in order to be accessed via VDI. Files saved on local drives such as the Desktop, or C: Drive cannot be accessed.

The Office of Information Technology Services uses a specific software program called VMWare Horizon to use the Virtual Desktop Infrastructure. For any questions regarding using VMWare for working remotely, please discuss with your Supervisor or refer to your Agency's policy.

Horizon VMWare Training Videos 

Microsoft Windows Videos

How to Install the VMWare Horizon Client on Microsoft Windows PCs

How to Connect to your Virtual Desktop From a Windows PC

Apple & iOS Videos

How to install the VMWare Horizon Client on Apple Mac Computers

How to install the VMWare Horizon Client on Apple iOS Devices (iPhone, iPad)

How to connect to your virtual desktop from an Apple Mac

How to connect to your virtual desktop from a iOS device

Google Videos

How to install the VMWare Horizon Client on Google Chromebooks

How to connect to your virtual desktop from a Google Chromebook

Android Videos

How to install the VMWare Horizon Client on Android Devices

How to connect to your virtual desktop from a Android Devices

VMWare Horizon User Guides 

VMWare Horizon User Guide.PDF 

VMWare Help Section 

Is VDI the same desktop as my work site computer? 

No, files that are stored on your C: drive or Desktop will not be available when using VDI. 

My VDI session froze. How do I get back in to the VDI session? 

Use the "send Ctrl-Alt-Delete" button at the top of the session to unlock the computer. Turn off the device, wait 4-5 minutes and try logging back on. Your session should restart with a new virtual machine (new desktop). 

What are some benefits of VDI? 

VDI can yield significant benefits to New York State in terms of service, manageability, security and cost. Below are some of the key benefits of VDI: 

VDI eliminates the physical management issues for desktops, since all resources (CPU, memory, storage etc.) are managed centrally. VDI also reduces time spent managing networks because you only need to address software issues on one server as opposed to each individual machine. 

VDI can dramatically drive down cost of hardware and support, when compared to the costs of Desktop PCs. 

Centralized desktop images, applications and files make data security more manageable regardless of whether an employee is accessing the virtual desktop from within the state network (at their work desk) or while outside the state network (e.g. from a home Internet connection or a Wi-Fi hotspot). 

I'm getting an error message stating that I am "Not entitled to use the system"? 

You will need to request access to your agency's VDI pool. Please contact the Enterprise Service Desk or your local Service Desk and request access.

Office 365 is a collection of apps and cloud services that you can use to be productive across a variety of devices from just about anywhere. Office 365 (O365) is a cloud-based version of the Microsoft Office suite. For New York State employees, Office 365 includes online versions of Word, Excel, PowerPoint, and SharePoint. 

When you log in through your web browser, you can access Office 365 anywhere you need to work and without having an installed version on your desktop or device.  Office 365 also includes One Drive for cloud storage and sharing.  

When working remotely, employees can always use the VMware Horizon Client to access their virtual desktop but many employees do not need to. Most employees will be able to perform all their duties by just using Office 365. For any questions regarding using O365 for working remotely, please discuss with your Supervisor or refer to your Agency's policy.

Office 365 Training Videos 

How to Log into Office 365 with a Software Token from a computer

How to Log into Office 365 with a Hardware Token from a computer

 

Office 365 Quick Start Video Guide

Word Online

Excel Online

PowerPoint Online

Outlook on the Web

SharePoint Online

OneDrive

Office 365 Help Section 

I do not know how to sign in. 

Sign it to Office 365 using your full work email address and your network password. You will also need to enter an RSA token passcode. 

Can I access a shared inbox through Outlook on the web? 

Yes. You will have access to any shared mailbox that you have in the Outlook Client that is installed on your workstation PC. 

How secure is Office365? 

Microsoft has robust policies, controls, and systems built into Office 365 to help keep our information safe.