Dawn Mallyon, VP, Marketing, Hitachi ID
For the first time, due to Covid-19, many companies experienced what it’s like to have a fully remote workforce. The experience has had both highs and lows, with some companies questioning whether they need as much office space as they used before, while others struggled to keep up with the pace of change to ensure every employee remained productive without becoming a security risk.
Now, many companies continue to work remotely while others are heading back to the office. It’s a moment to take stock of how you handled the switch to fully remote work and what you need in place both now and in the future. Use this time to take what you learned and empower those working from home by preparing for any disruptions in the future, whether it’s a second wave of the virus, a natural disaster, or even a power outage.
Challenges companies have faced while fully remote
Before the pandemic, some companies were already fully remote, others had a handful of telecommuters, and some had never had any employee work from home. While there was a wide range of experiences, there were some common challenges:
- Breakdown of processes for legacy remote workers. Employees who worked remotely before Covid-19 were better prepared than most for the pandemic. But because they could no longer visit the office, some processes, especially around passwords, started to break down. For example, if they’re not using a VPN, they might not be warned of an expiring password. If they change their password remotely and then forget it, under some circumstances, they might be locked out until their device is back on the network, where the help desk can address the issue.
- Processing mass numbers of access requests. As most or all of your employees switched to remote work, processing access requests to remote work services, from VDI logins to MFA applications quickly became overwhelming.
- Rapid migration to SaaS applications. Whether for security, convenience, or any number of other reasons, you may have needed to quickly migrate some services to the cloud. By switching from on-premises Exchange to Office 365, for example, you could give users access to the services they need while still maintaining security, even if users didn’t have a corporate-issued laptop or VPN connection. But these decisions were likely made in a scramble.
- Quickly establishing VPNs or VDI. If users had to access certain on-premise applications, you might have had to quickly acquire more VPN licenses and bandwidth, or establish VDI, depending on whether employees are using corporate devices or personal laptops.
- Opening new security risks. An uptick in SaaS applications and VDI use also means you have more public-facing logins, and thus a larger attack surface for hackers who might try to guess or socially engineer their way into your system.
How to support remote work, both now and for future disruptions
Organizations have handled these challenges as best they could given the circumstances. But now that you have time to step back and reassess what you have and what you might need, you can procure new technology that both fits user needs and gives your workforce more flexibility in where they conduct business.
Here’s a list of technologies to consider:
- VOIP or softphones. If you don’t already use these for your telephone service, it’s worth a look so that users can simply take their desk phones home from work, plug them into the wall, and get the same call quality with the same phone number as they have in the office. This also frees employees from having to use their personal mobile or home phone for work calls.
- Videoconferencing. Everyone got a crash course in Zoom and other video conferencing software, but what you chose as a quick fix might not be the best platform for your organization. There are a number of options to choose from, including Google Meet, Microsoft Teams, WebEx, and others, all with different features and options. Take some time to determine if you have the best software for your employees’ needs.
- Expanded VPN resources. If you saw an uptick in requests for VPN connections, you’re going to need more VPN licenses, and you might also need more bandwidth and CPU capacity to handle more concurrent connections. Assess your current and future needs.
- Expanded VDI server farms. If users can’t take their corporate device home, they often use their personal device for work, which can introduce any number of security risks. If this is the boat your company is in, VDI is the way to go. The more users that need this, the more capacity you’ll have to set up to serve them.
- Procure mobile devices. There are certainly use cases for desktops, but in many cases, a laptop will allow the vast majority of your employees to do their jobs effectively no matter where they’re working from. Make it a point to supply them with corporate-owned laptops, tablets, or other mobile devices so they don’t have to use their home computer when telecommuting. It’ll keep workers productive and your systems more secure. If your company decides to do this, then consider deploying some full disk encryption such as Bitlocker, Checkpoint, or McAfee.
- License MFA and other access management technology. MFA, preferably via smartphone apps, reduces the risk of intrusion through publicly accessible logins that only ask for a password. In addition, identity access and privileged access management tools can help you more easily manage passwords and identities, add MFA and federated access, strengthen authentication, and avoid many of the security risks of remote work.
Take time to revisit the challenges you experienced. The lessons you take away and the solutions you identify will make your company more flexible, productive, and secure.