3 steps to quickly secure a remote workplace rollout
- Posted on March 20, 2020
- Estimated reading time 4 minutes
With the sudden spike in the demand for remote working, business leaders are looking for rapid ways to get employees working safely away from the office. But just because we’re in a rush to change the way work is done, there’s no need to leave your data exposed.
Avanade is talking to clients about how they can securely scale remote working. Our advice is that an agile approach is needed, a “minimum viable product” that is quick to deploy and secure at the same time. To get there, you will need to leverage existing investments, focus on end-users and prioritize a few fundamental security requirements. Below we have outlined the key steps we take to keep your employees safe and secure at home.
Step 1: Identify the use cases to support for remote working
From the low risk worker who just needs an Internet connection and personal laptop to keep on top of emails, to the high-risk information worker with access to extremely sensitive data on controlled devices, there is a spectrum. Once you know the core use cases you need to support, you can start to effectively map out the steps to a rapid and secure deployment.
We’ve identified five main use cases:Sensitive information workers: Employees that usually work from secure desktop environments and depend on local access to highly-sensitive resources and services.
Remote collaborator: Employees that usually work in an office or call centre and are highly collaborative, requiring access to documents, email, IM and phone services.
BYOD worker: Employees that can work from home with a personal device but need secure access to Office and other business applications, separated from personal data.
Large scale enablement: Employees who need to self-isolate at home immediately, but require secure company access. They cannot be productive from a personal device, and you as an employer need to quickly provide them with a securely configured device, potentially for a large distributed workforce.
VPN congestion: With the increased demand on remote access, existing remote access systems (such as VPN) can be overwhelmed and additional capacity or new rapid approaches need to be added to enable easier, consistent and scalable access.
Avanade is talking to clients about how they can securely scale remote working. Our advice is that an agile approach is needed, a “minimum viable product” that is quick to deploy and secure at the same time. To get there, you will need to leverage existing investments, focus on end-users and prioritize a few fundamental security requirements. Below we have outlined the key steps we take to keep your employees safe and secure at home.
Step 1: Identify the use cases to support for remote working
From the low risk worker who just needs an Internet connection and personal laptop to keep on top of emails, to the high-risk information worker with access to extremely sensitive data on controlled devices, there is a spectrum. Once you know the core use cases you need to support, you can start to effectively map out the steps to a rapid and secure deployment.
We’ve identified five main use cases:
Step 2: Assess your vulnerabilities and gaps
For each use case, assess your vulnerabilities and gaps across a specific set of security fundamentals, described below. For each fundamental, identify if existing investments and infrastructure can be used to close gaps – or if new investments, configurations or alternatives are needed. For example, you might be able to quickly expand or unlock unused Office 365 entitlements to tools such as Teams, Device & Application Management; Conditional Access & MFA; Application Proxy services; VPN scaling technologies (such as Zscaler) and Desktop Virtualization products to enable consumption-based access. You might also be able to fill in the gaps with off the shelf SaaS solutions, to replace legacy business applications that are not ready for remote access.
Go through the following list of security fundamentals for each of your use cases – and note the gaps, dependencies and unknowns along the way:
- Identity and access management: How sensitive is the data being accessed and do you have a way to govern access based on user identity? Are you able to provide user-friendly, easy-to-manage IAM tools, such as multifactor authentication and single-sign on and automation? How will you enable and manage access to your contractors, third parties and suppliers?
- Devices management and peripherals: Do employees need controlled corporate devices, thin clients or BYOD laptops and smartphones? How are you provisioning, monitoring and controlling devices to prevent risk and data loss?
- Information security: What are your legal and ethical responsibilities in protecting data, how ready are you to protect data outside the office and on the go, and are your users aware of the new risks and responsibilities that come with remote working conditions?
- VPN / Internet and Office 365 connectivity: Is your VPN ready for the added stress of a major, sudden increase to users? How are connectivity issues getting in the way of performance and how will you protect your connectivity from outside attackers?
- App readiness: Not all applications will be ready for this work-at-home necessity. Which are essential to support the use cases and user groups in your company? Of those, which are available to outside networks already? Are you able to easily replace legacy apps with remote-ready cloud or SaaS solutions?
Step 3: Prepare your people
It’s important you prepare your workforce to be ready for a new level of security responsibility. Your people are your most important line of defense. Unfortunately, hackers and bad actors won’t hesitate to take advantage of new vulnerabilities and exposure in times of chaos. Get your people on the look-out for increased phishing attempts and educate them on the risks of malware and ransomware.
Speaking of people, your IT and security teams will also need to be prepared for supporting your workers at home. For example, how will you handle a virus on a remote laptop if you are used to only managing desktops? How will you replace hardware when your users are geographically dispersed in their home offices? How will you cater for the individual needs of your home workers from a health and safety perspective, the workstation adaption assessments from the office will be difficult to apply to a home worker at scale.
Let’s get people working at home – safely and quickly
Working outside the office can be liberating and drive more productivity and collaboration in the modern workplace. And as we’ve seen in recent weeks, it can give employers the much needed flexibility to keep employees safe and protected in times of great disruption and ensure business continuity. To balance speed of delivery with security, we recommend businesses start with a user-centric risk model. And from there, work to identify and close the gaps across a specific set of security fundamentals.
Learn more about how Avanade is helping secure the enterprise and check out other relevant blog posts on this topic, below:
It’s important you prepare your workforce to be ready for a new level of security responsibility. Your people are your most important line of defense. Unfortunately, hackers and bad actors won’t hesitate to take advantage of new vulnerabilities and exposure in times of chaos. Get your people on the look-out for increased phishing attempts and educate them on the risks of malware and ransomware.
Speaking of people, your IT and security teams will also need to be prepared for supporting your workers at home. For example, how will you handle a virus on a remote laptop if you are used to only managing desktops? How will you replace hardware when your users are geographically dispersed in their home offices? How will you cater for the individual needs of your home workers from a health and safety perspective, the workstation adaption assessments from the office will be difficult to apply to a home worker at scale.
Let’s get people working at home – safely and quickly
Working outside the office can be liberating and drive more productivity and collaboration in the modern workplace. And as we’ve seen in recent weeks, it can give employers the much needed flexibility to keep employees safe and protected in times of great disruption and ensure business continuity. To balance speed of delivery with security, we recommend businesses start with a user-centric risk model. And from there, work to identify and close the gaps across a specific set of security fundamentals.
Learn more about how Avanade is helping secure the enterprise and check out other relevant blog posts on this topic, below:
Thanks for subscribing. Watch your inbox for blog alerts and updates.
Comments