Business continuity and disaster recovery plans are developed for when an organization needs to quickly suspend normal operations from the office when factors arise that would make it unsafe for employees to move to the workplace: a power outage, the spread of disease, or a natural disaster. Such a plan should include the ability to quickly relocate employees to a remote work format.
Relocating administrative staff, technical support teams, human resources, marketing, and other employees who traditionally work from a physical office, as well as providing access to data and network resources at alternate work locations, can be challenging. Organizations must not only take into account possible network complexities, but also remember that cybercriminals are willing to exploit the weaknesses and security gaps that often arise during such events. Unprepared users and unprotected systems can quickly become “conduits” for malware and cybercriminal activity. Because time is of the essence, security should be an essential element of any remote working strategy.
Here are six things every organization should consider when faced with the need to securely move employees to a remote location.
Steps 1 and 2: General requirements for a remote work format
To start, every employee needs access to email, Internet, conferencing, limited file sharing and functionality (finance, human resources, etc.) from their remote workstation. You also need access to cloud-based Software-as-a-Service (SaaS) applications such as Microsoft Office 365.
VPN and endpoint security. Make sure that all users have a laptop that contains all the applications they need for their work. In addition, that device should have a pre-configured client installed to provide a VPN connection to the company headquarters.
Multi-factor authentication. It is important to prevent attackers from using stolen passwords to access network resources. For more secure access, each user must be provided with a secure authentication token. These tokens can be physical devices (such as tokens) or software products (say, phone applications); they are used when creating a VPN connection or logging into a network to provide an additional layer of authentication.
Steps 3 and 4: Support remote employees with advanced needs
Some employees need advanced access to network resources to do their jobs. System administrators, help desk technicians, emergency personnel and managers often need to receive and process extremely compromise-sensitive and sensitive information, or work in multiple parallel IT environments at once.
Ongoing connectivity. Preconfigured wireless access points provide a secure connection to the corporate network from a remote location through a reliable, secure tunnel. For a more secure connection, the wireless access point can be combined with a next-generation firewall on the computer to provide persistent connections, advanced access control and a full range of additional security services, including data loss prevention.
Secure telephony. These users also require a telephony solution that supports Voice over Internet Protocol (VoIP) for secure communications. Both physical and software client models are available that allow users to make or receive calls, access voice mail, check call history and search the organization’s directory.
Steps 5 and 6: Create a reliable and scalable host
The other side of the equation is to ensure that the host is scalable to accommodate the sudden increase in the number of employees needing remote access to network resources. At the same time, proper protection of network access must be provided.
User and device authentication. A central authentication service connected to the active network directory, LDAP, and Radius allows remote workers to securely connect to network services. This solution must also support single sign-on, certificate management, and guest management services.
Enhanced perimeter protection. The NGFW solution must securely terminate VPN connections, provide advanced threat protection, including analysis of malware and other suspicious content in an isolated environment before it reaches its destination, and highly efficiently analyze unencrypted and encrypted traffic to eliminate malware and data. Scalability for this feature is particularly important, as verification of encrypted data is extremely CPU intensive. Without advanced security processors designed to inspect large volumes of encrypted traffic, NGFW solutions can quickly become a weak point that can impact remote worker productivity.
Business continuity and disaster recovery programs require a remote work strategy that can discreetly keep an employee functioning without compromising network security. Such a solution must provide secure access to critical resources while scaling to meet the needs of the entire workforce from day one.
Such solutions should also be easy to deploy and configure, ideally supporting zero-touch provisioning to ensure a quick transition to remote work, while maintaining full visibility and security control regardless of the deployment environment. This ensures that your enterprise or agency can respond quickly to critical events with minimal impact on productivity and profitability.
By taking all of the above measures into account, your organization will be able to take a much more confident approach to the task of moving employees to telecommuting, and will be able to ensure the proper level of security for both the employees themselves and the associated communication channel.