With the fluid circumstances around the COVID-19 pandemic there has been an explosion of employees and student breaking out of the office and classroom via “remote working”, “work from home” and “online instruction” over the past eight weeks.
These are not new topics, but many are facing the need to implement them on the fly due to unprecedented changes to health and safety of community, clients and colleagues. The reactive nature of setting up users to work from home will negatively impact productivity as well as expand the likelihood of some type of data accessibility or recovery problem due to expanding cybersecurity threats.
Now that the dust is settling on the first round of working from home, by reviewing and answering the below questions a company can improve the productivity of their workers while reducing the risk associated with expanding the corporate network outside of the office and allowing data to be everywhere.
1. What are the IT security considerations for remote workers?
One of the first considerations for remote workers is the device they will be using to access either cloud applications and data or office based. The best option is for the company to supply a laptop/computer/tablet which allows for more security to be managed, maintained and monitored, just like computers inside the corporate network.
In the event time or budget didn’t allow for company supplied devices then put a Bring Your Own Device (BYOD) policy in place and confirm that at least the employee’s device meets the following minimum standards:
- Current operating system that is configured automatically to install security patches. Employees should not be using outdated operating systems (Microsoft XP, 7, 8) as they provide a significant attack surface for hackers.
- Anti-virus software installed and scanning on a regular basis including email, web links and files prior to opening.
- Windows Firewall turned on in Security settings.
There are two secure methods which can be utilized to access servers and computers on the company network.
- Virtual Private Network (VPN) - a private, encrypted tunnel between the remote device and the company firewall thereby allowing for a secure connection which prevents others from accessing the network or eavesdropping on the remote session.
- Remote-Control Software (RCS) including LogMeIn, TeamViewer and GoToMyPC. - a piece of software that is installed on the corporate office computer that allows for a remote computer connection to be established in the RCS providers’ cloud from the remote users’ computer to the company network.
VPN via the corporate firewall is preferred as it is more easily administered and controlled. RCS creates a level of administration overhead to maintain the software install, account management and monitor their use. RCS does not provide for integration with other cybersecurity products on the corporate network as VPN can.
2. What data and applications do your users need to access?
While Office 365 is moving more client data and email to the cloud with Word, Excel, Power Point all being capable of document creation and sharing inside and outside of the office, many business-line applications for accounting and operations are still maintained on premise-based servers at the office.
Three options exist to get to data and applications that are still at the office:
- Mapped drives – after logging on to the company network with VPN a small file is run to map company drives to the local computer where they will show up in Windows File Explorer; i.e. M:, F:, S: where by data can be accessed or applications possibly run. The downside to this arrangement is (a) from a productivity standpoint it will be slow and if the VPN tunnel closes work may be lost and (b) malware on the remote PC can quickly spread to the company servers with little to no security in between.
- Terminal Server – this option allows remote users to connect to a Windows experience at the office, might look like their desktop when at the office and allows them to access applications and data. Two upsides to this is (a) since all of the work is being done on the company servers, workers’ experience will be faster thereby making them more productive and (b) it is less likely that malware can move from the remote computer to the server since it is on a separate network and device as well as the servers’ anti-malware software is in force.
- Remote Desktop – Provided this has been enabled on the user’s work desktop, after connecting via VPN, the user can remote control their individual desktop with all their familiar icons, favorites, shortcuts and applications. Like the security on the Terminal Server option, the desktop anti-malware software is in place and while data transfer is possible it takes a planned effort.
3. Will your users need to print and scan from home?
As more administrative and clerical jobs move out of the office and stay there, printing and scanning of documents can create challenges to security of company data and employee productivity.
- Security concerns include the storage of confidential documents on home computers and cell phones as well as introducing malware to the corporate network with a cutting and pasting of documents from home computers to work computers via the remote session.
- Productivity issues will arise with locating documents along with transferring them from several devices in the event scanning is done via a cell phone with an app to get them to the corporate network.
- Depending on the amount and frequency of printing and scanning the use of TS-Print and TS-SCAN by Terminal Works along with a light duty, multi-function printer would be a good investment to lower security and productivity issues for employees by correctly configuring it to be available in the users’ remote session.
4. What about the phone that was left at the office?
Many early WFH initiatives solved this issue by forwarding desk phones to employee cell phones. While this was a strategy in the short run companies will have to address it in the near term by considering cloud-based phone systems such as Avaya Cloud Office or Nextiva.
Some of the features that should be included are:
- Availability of computer, tablet and cell phone-based voice applications
- Quality blue-tooth headsets compatible with the above items as well as use with popular collaboration tools like Microsoft Teams, Cisco WebEx and Zoom.
- Traditional telephone (handset, display, programmable buttons) including power over ethernet (POE) to power the phones.
- Voicemail to email transfer so messages can be accessed including when the phone is not available.
5. Do your users have adequate Internet bandwidth, networking and cabling to connect all the devices they will be using?
Most home offices were engineered for either limited or short-term WFH engagements. With the likelihood of long-term or permanent WFH becoming a possibility several items need to be considered in keeping employees productive and IT morale high. These include:
- Bandwidth Saturation occurs when all Internet circuits are carrying maximum data due to many users’ homes that are uploading and downloading data. Keep in mind, most Internet for homes is a shared medium as opposed to dedicated so as more neighbors access the Internet the likelihood of bottlenecks will occur including jittery voice calls and slow computer access.
- While most early pandemic WFH efforts centered around laptops this will decrease the productivity of staff who use multiple, large monitors and wireless keyboard including 10-key and mouse.
- Most home Internet use is driven around wireless connectivity which by nature is slower and less stable although more convenient when moving around. If possible, plug in to the cable modem for computer and phone to make them more stable.
- And finally, consider installing a battery backup (UPS) for the computer, phone, monitors, wireless modem to increase stability with potential brown outs and power loss.
Now that the dust has settled from the emptying out of offices a new normal will begin to take place as the government, companies and employees begin to assess how to open the economy. With a general lack of testing, a vaccine and workplaces commonly being “open floor plan” there will be a faster rate of adoption of remote working technologies. The above questions for consideration provide a guide to organize efforts around worker productivity and cybersecurity. Next generation solutions will include cloud deployment for corporate applications and data including Software as a Service (SaaS).
Scott Cooper is the President of Tower 23 IT, a managed IT services provider which provides solutions to small and medium businesses specializing in protecting company data to meet IT security, privacy, compliance requirements in the healthcare, legal, financial, real estate and insurance industries. Scott can be reached at scottc@Tower23IT.com or 858.877.6219.