Business continuity and disaster recovery programs require a teleworker strategy that can support a remote workforce with little or no notice, without compromising network security.
Transitioning administrative staff, technical support teams, HR, marketing departments, and other workers who traditionally work from a physical office – along with access to their data and networked resources – to alternate work sites can be a daunting task. In addition to networking considerations, organisations should be aware that cybercriminals are prepared to exploit the weaknesses and security gaps that often arise during such events.
Here are six things every organisation should consider when faced with the need to securely move traditional on-site workers to remote locations. To start, every teleworker requires access to email, internet, teleconferencing, limited file sharing, and function-specific capabilities (finance, HR, etc.) from their remote work site. They also require access to software-as-a-service (SaaS) applications in the cloud, such as Microsoft Office 365.
VPN and endpoint security: Make sure all users have a laptop loaded with all of the essential applications they need to do their job. In addition, that laptop needs to include a pre-configured client to provide VPN connectivity to corporate headquarters.
Multifactor authentication: Multifactor authentication helps prevent cybercriminals from using stolen passwords to access networked resources. To enable more secure access, every user needs to also be provided with a secure authentication token.
Persistent connectivity: Pre-configured wireless access points enable secure connectivity from a user’s remote location to the corporate network through a reliable, secure tunnel. For a more secure connection, a wireless access point can be combined with a desktop-based next-generation firewall to enable persistent connections, advanced admission control, and a full spectrum of advanced security services, including data loss prevention.
Secure telephony: These users also require a telephony solution that supports voice over IP (VoIP) to ensure secure communications.
User and device authentication: A central authentication service connected to the network’s active directory, LDAP, and Radius enables remote workers to securely connect to network services at scale. This solution should also support single sign-on services, certificate management, and guest management.
Advanced Perimeter Security: An NGFW solution needs to securely terminate VPN connections, provide advanced threat protection – including the analysis of malware and other suspicious content within a sandboxed environment before it reaches its destination, and high-performance inspection of clear-text and encrypted traffic to eliminate malware and malicious traffic. Scalability for this function is especially critical, as the inspection of encrypted data is extremely processor-intensive.
Business continuity and disaster recovery programs require a teleworker strategy that can support a remote workforce with little or no notice, without compromising network security. Such a solution needs to enable secure access to critical resources while scaling to meet the demands of entire workforce on day one. These business continuity solutions need to be easily deployable and configurable, ideally with zero-touch provisioning, to enable a quick transition to a remote workforce while maintaining full security visibility and control regardless of their deployment environment. This ensures that your organisation can quickly respond to critical events with minimal impact on productivity and profitability.
The writer is regional vice-president, India & Saarc, Fortinet