Battling Coronavirus: How to quickly and effectively implement remote working at scale
As the world faces once the worst health challenge of a generation, we take a practical look into how you can ensure the health and safety of your workforce while deploying a robust business continuity plan that allows your workers to efficiently work from home.
Your existing business continuity and disaster recovery plans may have addressed events such as natural disasters or power-outages, but it’s unlikely you considered or prepared for a global pandemic of this scale. You now find yourself faced with the colossal challenge of ensuring your staff, customers and partners are safe and protected which is likely mean enforcing stringent working from home policies in the coming weeks and months.
Quickly transitioning office-based staff to alternate work sites can be a daunting task – especially when faced with the possibility of rolling this out with almost immediate affect across an entire business. In addition to networking considerations, you should be aware that cybercriminals are prepared to exploit the weaknesses and security gaps that often arise during such events. Unprepared users and unsecured systems can quickly become channels for malware and malicious activity. Since time is of the essence, security must be an integral element of any remote-working strategy.
So what steps should you consider when faced with the need to securely move traditional on-site workers to remote locations quickly?
Step 1: Understand your workers requirements and provide VPN access
Your staff will need access to email, internet, teleconferencing, file sharing and specific applications such as finance and HR systems as well as SaaS based systems such as Office 365.
To protect the data flowing between your remote workers and your offices, you should add a Virtual Private Network (VPN). VPNs use encryption, authentication and data integrity checks to create secure tunnels through insecure public networks such as the Internet.
Step 2: Rollout Multifactor Authentication to help prevent cybercrime
To prevent cybercriminals from using stolen passwords to access networked resources, you will need multifactor authentication. To enable more secure access, every user needs to also be provided with a secure authentication token. These tokens can be a physical device (such as a key fob), or software-based (like a phone app), and are used when making a VPN connection or logging into the network to provide an additional layer of identity validation.
Step 3: Provide a highly secure connection and deploy a full spectrum of advanced services to enable advanced access
Some of your team members may require advanced access to network resources to do their jobs. Systems administrators, support technicians, emergency personnel, and executive management teams often need to access and process extremely sensitive and confidential information or operate in multiple, parallel IT environments.
In this instance you will need pre-configured wireless access points to enable secure connectivity from a user’s remote location to the corporate network through a reliable, secure tunnel. For a more secure connection, a wireless access point can be combined with a desktop-based firewall to enable persistent connections, advanced admission control, and a full spectrum of advanced security services, including Data Loss Prevention.
Step 4: Enable voice over IP (VoIP) to for secure communications
To ensure your employees are able to work remotely without it affecting communication with customers and the rest of the team, you’ll need a telephony solution that supports voice over IP (VoIP) to ensure secure communications. Both physical and soft client models are available that enable users to make or receive calls, access voicemail, check call history, and search the organization’s directory. But communication lines aren’t limited to audio; video calls bring remote workers face to face with one another. They can send files back and forth at the speed of a click, leave comments, or edit each other’s work with ease.
Step 5: Allow workers to securely connect to network services at scale
Due to the coronavirus outbreak, it may be likely that your entire workforce, or the vast majority of your workforce will be required to work from home meaning you’ll be faced with a vast number of staff needing to access network resources all at the time, putting immense pressure on your network.
You therefore need to be able to scale quickly to meet the demand, while ensuring your network is sufficiently secured.
A central authentication service connected to the network’s active directory will enable your remote workers to securely connect to network services at scale. This solution should also support single sign-on services, certificate management, and guest management.
Step 6: Reduce bottlenecks from encrypted traffic
Depending which firewall solution you have in place will determine how processor-invasive the inspection of encrypted data is. For instance, if you have a Fortinet Next Generation Firewall, it will need to securely terminate VPN connections, provide advanced threat protection and undertake a high-performance inspection of clear-text and encrypted traffic to eliminate malware and malicious traffic. In this case, scalability for this function is especially critical as the inspection of encrypted data is extremely processor intensive. Without advanced security processors designed to inspect high volumes of encrypted traffic, your firewall can quickly become a bottleneck that can impact your remote worker’s productivity.
If it isn’t already, remote working will become an instrumental part of your business continuity strategy. With some challenging weeks and months ahead, ensuring you can keep your workforce healthy and your business in business will be critical to your organisations success.
To find out how we will remotely provision and integrate a workable Windows Virtual Desktop solution in under two weeks, read our data sheet.
Alternatively, head to our Windows Virtual Desktop hub where you’ll find all things #WVD.