Securely moving your traditional on-site workers to remote locations must not stress you but give you peace of mind. Cybercriminals are prepared to exploit the weaknesses and security gaps that often arise during such events. Unprepared users and unsecured systems can quickly become conduits for malware and malicious activity. Since time is of the essence, security must be an integral element of any teleworker strategy. Here are Six things every organization should consider to securely move traditional on-site workers to remote locations.
Steps 1 and 2 – General Teleworker Requirements
Every teleworker requires access to email, internet, teleconferencing, limited file sharing, and function-specific capabilities (finance, HR, etc.) from their remote work site. They also require access to Software-as-a-Service (SaaS) applications in the cloud, such as Microsoft Office 365.
- VPN and Endpoint Security: Make sure all users have a laptop loaded with all of the essential applications they need to do their job. In addition, that laptop needs to include a pre-configured client to provide VPN connectivity to corporate headquarters.
- Multifactor Authentication: Multifactor authentication helps prevent cybercriminals from using stolen passwords to access networked resources. To enable more secure access, every user needs to also be provided with a secure authentication token. These tokens can be a physical device (such as a key fob), or software-based (like a phone app). They are used when making a VPN connection or logging into the network to provide an additional layer of identity validation.
Steps 3 and 4 – Supporting Teleworkers with Advanced Requirements
Some of your teleworkers need advanced access to network resources to do their jobs. Systems administrators, support technicians, emergency personnel, and executive management teams often need to access. This enables them to process extremely sensitive and confidential information or operate in multiple, parallel IT environments.
- Persistent Connectivity: Pre-configured wireless access points enable secure connectivity from a user’s remote location to the corporate network through a reliable, secure tunnel. For a more secure connection, a wireless access point can be combined with a desktop-based next-generation firewall. This is to enable persistent connections, advanced admission control, and a full spectrum of advanced security services, including Data Loss Prevention.
- Secure Telephony: These users also require a telephony solution that supports voice over IP (VoIP) to ensure secure communications. Both physical and soft client models are available that enable users to make or receive calls, access voicemail, check call history, and search the organization’s directory.
Steps 5 and 6 – Creating a Secure and Scalable Headend
The other half of the equation is ensuring that the headend can scale. This is to ensure it meets the sudden volume of teleworkers needing remote secured access to network resources.
- User and Device Authentication: A central authentication service connected to the network’s active directory, LDAP, and Radius enables remote workers to securely connect to network services at scale. This solution should also support single sign-on services, certificate management, and guest management.
- Advanced Perimeter Security: An NGFW solution needs to securely terminate VPN connections, provide advanced threat protection – including the analysis of malware and other suspicious content within a sandboxed environment before it reaches its destination, and high-performance inspection of clear-text and encrypted traffic to eliminate malware and malicious traffic. Scalability for this function is especially critical, as the inspection of encrypted data is extremely processor-intensive. Without advanced security processors designed to inspect high volumes of encrypted traffic, NGFW solutions can quickly become a bottleneck that can impact teleworker productivity.
A Secure Foundation Ensures Scalable Business Continuity
Business continuity and disaster recovery programs require a teleworker strategy that can support a remote workforce with little or no notice, without compromising network security. Such a solution needs to enable secure access to critical resources while scaling to meet the demands of your entire workforce on day one.
These business continuity solutions also need to be easily deployable and configurable, ideally with zero-touch provisioning, to enable a quick transition to a remote workforce while maintaining full security visibility and control regardless of their deployment environment. This ensures that your organization can quickly respond to critical events with minimal impact on productivity and profitability.
Ref: Peter Newton, six steps for securing your remote workforce at scale; Fortinet in partnership with MTN.
Need some help?
Our experienced customer service engineers are always on call 24/7 to ensure your connection works.
or call us on (+254) 20 760 0001