Remote Workplace Security

Considerations for Remote Workplace Security

Usherwood is committed helping clients to enable their remote workforce quickly and easily. We are here as experienced advisers to help you maintain secure and uninterrupted operations. Please let us know how we can help your business solve their needs.

Review what you already have

If you have a business continuity plan or a disaster recovery plan in place, that’s a good place to start. This scenario may not fit the definition of disaster that you originally intended, but it can serve to help you test your plan in a more controlled fashion that can benefit both your current situation by giving you a head start, and your overall plan by revealing gaps that would be more problematic in a more urgent or catastrophic environment with less time to prepare and implement.

Does your plan include access to remote desktops in a data center or the cloud? If so, and you already have a service in place ready to transition or expand, you’re well on your way.

Review what you really need

One size does not fit all. Just as in most workplaces, the requirements for computing power and form factors can vary greatly from one department to another, they can in virtual desktops and workstations as well. One configuration doesn’t fit all. If you have users who frequently need more power than a conventional desktop provides because they work with video or large graphics files, for example, a virtual workstation that fails to provide the resources they need will reduce their productivity. This might be fine for a day or two, but it could significantly impact business results over the course of an entire quarter, at a time when they may already be under strain.

It is imperative to fully understand your security requirements before implementing a solution. In preparing for theoretical business continuity scenarios, it’s easy to assume that compromises to security or to usability don’t really matter because they’re only short term. Facing a potential implementation of three months or more puts it in another light. Most organizations are not willing to take the risk of lowering their security standards for a full quarter, and most employees will lose patience with clumsy implementations that reduce usability and will look for workarounds that may compromise security as a result.

Check your assumptions

Maybe you have remote desktops set up already, and your workforce already works flexibly from home periodically, so you know they have the ability to do so. But don’t forget that your employee may not be the only one at home. That home office, home computer, and home network they use to access their remote desktop may be stretched to accommodate a partner or children who are also at home trying to meet remote work or school expectations. Don’t assume that the resources that serve occasional remote work are going to be adequate for weeks on end. Ask employees what they have available to them and plan to supplement equipment as required.

If you’re implementing a remote desktop solution that employees will need to access via a software client, consider provisioning it in advance, rather than waiting for the order to drop. Empowering employees to download and configure the client before they need it ensures that you have time to troubleshoot it before it becomes critical infrastructure.

As you make your preparations, it’s easy to assume that the IT team will be able to manage on their own, but in the middle of transitioning your entire workforce to remote work, can you afford that assumption? Ensure that advance provisioning and setup allows for the probability that your IT team won’t be in the office and will be working under the same constraints as everyone else.

Consider your costs

Panic buying is irrational, and usually expensive. But there are ways to keep costs down. Using public clouds rather than investing in physical infrastructure offers several advantages in this situation – they are generally faster to set up, offer better up-time (particularly if you have no one in the office to maintain servers), and can be offered from multiple sites for better scalability. They also allow for resource sharing, with options to pay for only what you use. A subscription solution that includes software clients with brokering and provisioning bundled in can cost up to three times less than a private data center.

Security remains a priority

Corporate security remains top of mind for IT managers seeking short-term solutions. Opportunistic phishing scams are on the rise and VPN technology should only be deployed with due consideration – besides standard telework guidelines published by NIST, IT departments should pay continued attention to cyber-security alerts, especially those related to VPN Deployments.