Connect with us

Hi, what are you looking for?

OPINIONS

6 Steps for securing your remote workforce at scale

Here are six things every organization should consider when faced with the need to securely move traditional on-site workers to remote locations.

By Louie Castaneda
Country Manager, Fortinet Philippines

Business continuity and disaster recovery plans are designed to address an organization’s need to quickly suspend normal on-site operations in the event of a power outage, illness, or natural disaster that may make it unsafe for employees to travel on-site. This plan needs to include the ability to quickly establish a secure, remote workforce.

Transitioning administrative staff, technical support teams, HR, marketing departments, and other workers who traditionally work from a physical office – along with access to their data and networked resources – to alternate work sites can be a daunting task. In addition to networking considerations, organizations should be aware that cybercriminals are prepared to exploit the weaknesses and security gaps that often arise during such events. Unprepared users and unsecured systems can quickly become conduits for malware and malicious activity. Since time is of the essence, security must be an integral element of any teleworker strategy.

Here are six things every organization should consider when faced with the need to securely move traditional on-site workers to remote locations.

Advertisement. Scroll to continue reading.

Steps 1 and 2 – General Teleworker Requirements

To start, every teleworker requires access to email, internet, teleconferencing, limited file sharing, and function-specific capabilities (finance, HR, etc.) from their remote work site. They also require access to Software-as-a-Service (SaaS) applications in the cloud, such as Microsoft Office 365.

1. VPN and Endpoint Security: Make sure all users have a laptop loaded with all of the essential applications they need to do their job. In addition, that laptop needs to include a pre-configured client to provide VPN connectivity to corporate headquarters.

2. Multifactor Authentication: Multifactor authentication helps prevent cybercriminals from using stolen passwords to access networked resources. To enable more secure access, every user needs to also be provided with a secure authentication token. These tokens can be a physical device (such as a key fob), or software-based (like a phone app), and are used when making a VPN connection or logging into the network to provide an additional layer of identity validation.

Steps 3 and 4 – Supporting Teleworkers with Advanced Requirements

Some of your teleworkers need advanced access to network resources to do their jobs. Systems administrators, support technicians, emergency personnel, and executive management teams often need to access and process extremely sensitive and confidential information or operate in multiple, parallel IT environments.

3. Persistent Connectivity: Pre-configured wireless access points enable secure connectivity from a user’s remote location to the corporate network through a reliable, secure tunnel. For a more secure connection, a wireless access point can be combined with a desktop-based next-generation firewall to enable persistent connections, advanced admission control, and a full spectrum of advanced security services, including Data Loss Prevention.

Advertisement. Scroll to continue reading.

4. Secure Telephony: These users also require a telephony solution that supports voice over IP (VoIP) to ensure secure communications. Both physical and soft client models are available that enable users to make or receive calls, access voicemail, check call history, and search the organization’s directory.

Steps 5 and 6 – Creating a Secure and Scalable Headend

The other half of the equation is ensuring that the headend can scale to meet the sudden volume of teleworkers needing remote access to network resources while ensuring that network access is appropriately secured.

5. User and Device Authentication: A central authentication service connected to the network’s active directory, LDAP, and Radius enables remote workers to securely connect to network services at scale. This solution should also support single sign-on services, certificate management, and guest management.

6. Advanced Perimeter Security: An NGFW solution needs to securely terminate VPN connections, provide advanced threat protection – including the analysis of malware and other suspicious content within a sandboxed environment before it reaches its destination, and high-performance inspection of clear-text and encrypted traffic to eliminate malware and malicious traffic. Scalability for this function is especially critical, as the inspection of encrypted data is extremely processor-intensive. Without advanced security processors designed to inspect high volumes of encrypted traffic, NGFW solutions can quickly become a bottleneck that can impact teleworker productivity.

A Secure Foundation Ensures Scalable Business Continuity

Business continuity and disaster recovery programs require a teleworker strategy that can support a remote workforce with little or no notice, without compromising network security. Such a solution needs to enable secure access to critical resources while scaling to meet the demands of your entire workforce on day one.

Advertisement. Scroll to continue reading.

These business continuity solutions also need to be easily deployable and configurable, ideally with zero-touch provisioning, to enable a quick transition to a remote workforce while maintaining full security visibility and control regardless of their deployment environment. This ensures that your organization can quickly respond to critical events with minimal impact on productivity and profitability.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Companies plan to increase their IT security budgets by up to 9%. The median cybersecurity budgets for large enterprises were US $5.7M with US...

HEADLINES

Globe has been a consistent advocate for a safer and more responsible digital space

HEADLINES

The attackers used a series of campaigns with novel exploits and customized malware to embed tools to conduct surveillance, sabotage and cyberespionage as well...

HEADLINES

Financial phishing attacks are rapidly increasing in the country as cybercriminals continuously evolve and adapt their tactics, making them sophisticated. The number of attacks...

HEADLINES

A Scale of Harm study by the International Justice Mission revealed that almost half a million Filipino children were trafficked to produce new child...

HEADLINES

Yondu launched an extensive, month-long cybersecurity awareness campaign focused on modern threat detection, incident response, and social engineering defense.

ELECTRONICS

Philips EasyKey partnered with Megaworld and equipped their world-class properties with only the best-in-class smart locks we have on offer, the Philips EasyKey 9300.

HEADLINES

Fortinet Secure SD-WAN transforms wide area networks (WANs) by enabling resilient architecture and flexible security deployments on-premises and in the cloud with digital experience monitoring...

Advertisement