As states begin to lift shelter in place orders and businesses reopen their doors, there is a lot of speculation as to what “the new normal” will look like. And so far, there are still more questions than answers for those of us working from home.
- When is it safe to return to work?
- Will we have to run at reduced occupancy?
- What if cases of COVID-19 spike again or returns in the fall?
- Is it even necessary to return to the office when employees can work from home?
None of us have a crystal ball to accurately predict when we will return to our cubicles, but if anything, this global event has made it abundantly clear that business continuity relies heavily on enabling employees to work from virtually anywhere. On the surface, this may seem like a fairly simple task. The majority of workers have some sort of mobile device, whether it be a laptop or smart phone, as well as internet access. A lot of us have already been working remotely at least part of the time prior to the pandemic. But for technology teams that are tasked with supporting the work from home initiative, the solution may be a lot more complex. Not only must they solve for access at scale, but visibility and security as well.
The first major hurdle for supporting a remote workforce is providing access to the applications and data they require to conduct business. Most organizations have deployed some form of VPN for this purpose, but few have built it with the intention of supporting all of their workers connecting simultaneously. As a result, they are finding that their VPNs are getting overwhelmed and users are experiencing latency or trouble connecting to the network altogether.
Employees may attempt to resolve the VPN connectivity or latency issue by just connecting to the Internet directly to accomplish whatever work is possible without accessing the network and by using unsanctioned web-based applications. It’s also very possible that they, or other members of their household, may even use their company owned devices for purposes completely unrelated to work. And when traffic isn’t routed to the data center, businesses operating on a hub and spoke model lose visibility as well as their ability to enforce security policy. Without these guardrails, the possibility of a security incident becomes more likely as employees freely surf the net, click links, and download files without the analysis provided by a perimeter security device.
Organizations could certainly respond to these challenges by expanding the capacity of their VPN concentrator. If employees are able to easily access assets hosted on the network and the Internet through VPN without performance concerns, they are a lot more likely to connect to it as a habit when they begin their work day. But this approach still relies on voluntary action on the part of the remote worker and isn’t really the most efficient way for employees to access applications and data hosted in the cloud. Another consideration is that although many VPNs provide similar visibility and security controls as next-generation firewalls, a lot of organizations are still managing both products, using separate user interfaces to protect their on-site and remote users.
Businesses that want future ready security and to maintain visibility across users, during the pandemic and beyond, should give strong consideration to a cloud-based security solution that does not rely on backhauling traffic to the data center for enforcement. Security hosted in the cloud means fewer appliances to purchase and manage but can also help provide the flexibility that is desperately needed during this time of uncertainty by following users virtually anywhere they conduct business. There are a lot of point products on the market that can solve the challenge of providing zero-trust network access to applications. Similarly, there are also products that can help protect users while surfing the Internet off network. But businesses should look for an advanced solution that can consolidate these capabilities and help them remain nimble as their workforce requirements evolve.
When evaluating remote access solutions, organizations should seek a product that can augment their overwhelmed VPNs by providing highly secure access to applications and data that are hosted in both the data center and in the cloud. Look for a solution that offers administrators granular control to permit access to specific applications by role or by user, as opposed to providing keys to the entire network segment. This helps to limit the effects of a security breach but is also particularly useful when working with third-party vendors or business partners to only permit access to what is needed to provide their services.
But security measures for remote workers shouldn’t stop here, as users need to be protected against the plethora of web-based threats they may encounter while surfing the Internet. Choosing a cloud-based solution that restricts what sites they can visit can help to greatly reduce their exposure to malware but also to help enforce acceptable use policies, providing that the websites they visit are both safe and appropriate for the workplace. Some businesses may even want to consider protecting against zero-day threats with sandboxing technology or offer data loss prevention (DLP) or CASB capabilities.
Given the stress on IT staff to support remote workers, subscribing to a 24x7 managed service may help businesses remain agile so their technology teams can respond to other initiatives or requests. AT&T Secure Remote Access is a cloud-native managed service that provides organizations with a way to connect their employees to the applications they need while working from home, while AT&T Secure Web Gateway offers comprehensive protection against web-based threats. Best of all, these solutions offer administrators a centralized view and unified security policies across all users. These capabilities can help businesses be prepared for whatever the work arrangement may become. Whether employees are working from an office, their home, a hotel, or even a coffee shop, organizations can remain informed on what users are doing and what threats they are encountering. In turn, employees have the opportunity to work productively without the bandwidth constraints associated with other technologies
