Working remotely has become more common over the last decade than ever before. The technology advancements, bandwidth speeds and advances in mobile devices have made this possible for many. However, the bulk of our society still went to work onsite – a model which has been challenged over the last few weeks as we come together to fight the virus spreading across our country. With very little warning, business owners made the decision to send workers home in order to continue operations. This remote workforce is a very new situation for many.
In our last article we discussed some of the details that organizations may not have thought of in mobilizing a 100% remote workforce. In this article, we’ll take a look at ensuring that the network which has now been established to embrace the new paradigm is secure.
Here are some key ways to ensure that your remote workforce is as secure as possible.
How To Connect Remote Workers
Instead of a closed network under your control, your employees are now connecting to your company data network via multiple methods. Home networks are the most popular default when working from home, but these networks often are not protected for business protocols. Help employees to change the default SSID, set up strong passwords and apply encryption so that their neighbor can’t tap in.
Cell phone hotspots are used often by remote worker, as the advanced speeds have made most work viable utilizing this method. If your remote workforce is trying to decide between public wi-fi and their cell phone hotspot, the latter is the more secure option. Users should be discouraged from utilizing public wi-fi if possible especially without a personal VPN in place – although a VPN with split tunneling should be discouraged.
Internal company portals are generally accessed through a browser, and allow a specific user to connect to those parts of the network for which they have approved access. Terminal services and virtual desktops are a good option for users utilizing personal computers or devices for access to company resources.
Some applications – such as webmail – may be more easily accessible through cloud applications, or servers placed in the DMZ that broker the connection to the internal application server. This can be an effective way to reduce security risk as it provides access specifically to a single application.
How to Authenticate a Remote Workforce
When employing a remote workforce, stronger authentication methods are necessary. Businesses need to ensure that the person or device asking for access is who they claim to be. There are several good practices you may wish to put into place.
Multi-factor authentication is an effective and affordable method used to verify a user’s authenticity, such as sending a code to the user’s personal cell phone of record. Some other methods of authentication protections may include:
- Strong password protocols
- Connection restrictions, inactivity timeouts, and reauthentication after a period of time has elapsed.
- Device authentication verifies the device and makes sure it is operating securely. Office365, Duo Security and others offer ways to either verify a device with a company-issued certificate.
- Utilizing company-owned and controlled PCs in place of personal laptops or home computers.
- Vet the security of third parties or vendors with a higher level of authentication.
All of the necessary protections should be in place, including computer firewalls, current operating system upgrades and patches, anti-virus and anti-malware installed and running and restrictions on the use of removable media (such as thumb drives.)
With a little upfront planning and the right protocols in place, you can feel confident in have a remote workforce. If you have any questions or need some recommendations, call Alliance IT. We are here to help you through this time. And who knows? You may find that a remote workforce represents a viable option to save some overhead costs and restructure your business to be more efficient long term.
