Smart Buyer
  • Shop On NeweggBusiness
  • Categories
    • Buying Guides
    • Components
    • DIY and How-to
    • Industry Trends
    • NetSec
    • Networking
    • Storage
    • Systems – PC & Laptop
    • Windows
  • About
  • Why NeweggBusiness?
  • Contact Us
Top Posts
PC Cooling: How to Set up Computer Case...
5 Ways to Stream from PC to TV...
How to Choose the Correct RAM Upgrade
How to Troubleshoot a PC Power Supply
Four Apps that Make Your Tablet a Second...
2019 Solid State Drive (SSD) Buying Guide
6 Reasons Your PC is Slow and How...
How-to Guide: Small Office Network Setup
Born in the USA: Computer Hardware Made in...
Computer Monitor Buying Guide 2019

Smart Buyer

  • Shop On NeweggBusiness
  • Categories
    • Buying Guides
    • Components
    • DIY and How-to
    • Industry Trends
    • NetSec
    • Networking
    • Storage
    • Systems – PC & Laptop
    • Windows
  • About
  • Why NeweggBusiness?
  • Contact Us
NetSec

Remote Workforce Security: Tips and Best Practices

by Adam Lovinus December 9, 2020
by Adam Lovinus December 9, 2020 0 comment 613 views

In the past, companies that were not set up for secure remote work simply did not undertake the task. The coronavirus pandemic changed all that.  This year, companies that implemented an ad hoc work from home policy to stay productive during lockdown periods likely placed their data at risk unless it included a robust remote workforce security component.  

Ensuring that remote work is happening safely and securely means protecting the individual devices employees use to access company data, as well as the data center and network infrastructure that stores and serves it. Companies must remember to extend infosec practices and policies to everyone accessing company assets, including any third-party vendors it uses. 

It’s advisable to build security practices into an encompassing plan for supporting a remote workforce in an effort to keep it as productive as possible. Think of it as an essential component of  managing a dispersed team successfully. We’ll discuss the tools and operations that companies employ to strengthen their security profile when they have team members working beyond the reaches of the company network.  

Conduct a baseline assessment 

Each company has unique security needs, and an important first step involves identifying and documenting what those needs are. This starts by answering a few basic questions about how employees access company data, and gathering specifics about the devices they are using.  

  • What devices are they using? Are employees using their own devices, or are they bringing home company-issued endpoints for work? A BYOD setup requires a few extra steps, but is not impossible to secure. 
  • What applications are in use? Ideally everyone at the company uses the same collaboration software. This simplifies roll out of educational materials and tutorials related to infosec best practices. Obviously not every employee needs access to every application in the company ecosystem; documenting who uses which applications helps eliminate loopholes regarding the scope of what needs to be secured.  
  • What network equipment do they use? Residential network equipment may introduce a range of security risks, so make sure employees are instructed about how their home network equipment can be configured for safety. 
  • Do employees manage any protected data? Organizations that handle data like health records and other data protected by privacy laws have extra steps for ensuring they are compliant with how this data is protected.   

Secure access with 2FA on endpoints 

Two factor authentication (2FA) provides a way to make logins more secure by involving a second means of identity verification. For example, when logging on to the company domain, employees input a username and password and then receive a password token on their cell phone, and enter it to complete the log on. You can implement 2FA a number of ways—using smart cards or key fobs, biometric capture, and endpoint security suites that roll 2FA into their offerings. You will find that many laptops for business users have fingerprint readers that are equipped to support 2FA policies for remote security.

Consider MDM solutions 

Mobile device management (MDM) solutions allow an organization to control the devices that employees use for work. Administrators are able to enroll and monitor endpoints remotely. MDM solutions fit both a Bring Your Own Device (BYOD) environment as well as a Corporate Owned, Personally Enabled (COPE) setup, but it’s important to note specific MDM solutions might be more appropriate for one or the other, and dependent on scale and other business requirements. 

Rolling out MDM solutions is generally easier in a COPE setting. Organizations may work through a cellular carrier or device manufacturers, many of whom offer device management solutions based on the authentication models they want to have in place.  

If employees are BYOD at work, admins must discover which devices they are using, and choose a solution compatible with those devices.  Policies for a BYOD workplaces can range from relaxed to restrictive. Users may have access to corporate resources but allow IT selective control over their personal device—PIN and 2FA requirements, for example. Or, users might set up a corporate profile on a device that restricts storing sensitive data on local drives of personal devices.    

In general, MDM solutions have features that include remote monitoring, cloud-based updates, passcode enforcement, backup and restore functionality, website blacklisting, and other tools that help implement security policies to a dispersed workforce. There are dozens of MDM solutions available; some of the bigger names include Citrix XenMobile, VMware’s Airwatch, Microsoft Intune, among others. 

Scaling up the VPN 

Over the past 15 years, a virtual private network (VPN) has become standard practice for providing secure access to the company network and all the assets on it—from shared file storage to collaboration software and line of business applications. A remote access VPN works by encrypting the data connection between the employee and the company network. A user logs on using a VPN client on their device, which is used to connect to a network attached storage server or a set of servers in the data center.  

Placing VPN logons behind 2FA authentication is always recommended. In the past, companies may have conducted a small amount of business over a VPN connection. The pandemic saw companies have to funnel their entire workload through the VPN, potentially overwhelming its capacity and sapping performance for users.      

As a workaround, increasing network bandwidth between VPN servers and the wide area network (WAN) can improve performance. Using a split tunnel approach—wherein only sensitive, work-related data passes through the VPN into the company datacenter—can improve performance by reducing the load on company network infrastructure.  To ensure secure operations, IT must also update VPN with security patches, and check logs regularly for any irregular patterns.  

Use a password manager 

Practicing good security hygiene isn’t always convenient for end users, and a password manager is a great way to make it a little easier. Specifically, password managers make it easy to create and remember unique, strong passwords for web applications. This helps remote workers assume a good security posture by reducing the level of effort tied to password habits. Many antivirus and security software suites include password management functionality.   

Conduct anti-phishing user training 

Security experts time and again emphasize how educating users with anti-phishing training safeguards company data better than any hardware can. In our own customer surveys, social engineering vulnerabilities are cited most often as the greatest security risk for their organizations. No matter how tight your e-mail and messaging firewalls are configured, spam finds a way. And no matter how obvious you think spam e-mails appear, people inevitably click on them. 

Anti-Phishing training is a must-have if you handle any private or protected customer data – a remote customer service team, for example, might be highly susceptible to fake e-mails that spoof a customer’s correspondence. Technical solutions offer an incomplete fix. Conducting anti-phishing user training is the preferred method in the IT profession. The good news is companies can build out their own anti-phishing training solution relatively easily.  

Adam Lovinus

Adam Lovinus

A tech writer and Raspberry Pi enthusiast from Orange County, California.

More Posts - Website - Twitter - LinkedIn - Google Plus

Summary
Remote Workforce Security: Tips and Best Practices
Article Name
Remote Workforce Security: Tips and Best Practices
Description
Companies that implement an ad hoc work from home policy likely place their data at risk unless it includes a robust remote workforce security component.
Author
Adam Lovinus
0 comment
0
FacebookTwitterGoogle +PinterestEmail
Adam Lovinus
Adam Lovinus

A tech writer and Raspberry Pi enthusiast from Orange County, California.

previous post
Laptop Management Checklist for Remote Workers [Infographic]
next post
Anatomy of a Small Office Network [Infographic]

Related Posts

Aruba Instant On Wants to Simplify Your Small...

August 2, 2019

What is ‘Fileless’ Malware Found Inside Server Hardware?

October 4, 2018

How to Layer Antivirus Software Without Slowing Your...

May 21, 2018

Securing the Office Printer in Six Steps

May 14, 2018

How to Wipe a Hard Drive Securely

April 23, 2018

Six Router Features That Optimize Small Business Networks

March 21, 2018

Secure a Wireless Network with Access Point Isolation

March 7, 2018

How to Work Remotely While Keeping Secure and...

November 14, 2017

Tips for Ransomware Removal, Detection, and Prevention

November 1, 2017

Are You Ready for Machines to Control The...

September 1, 2017

What's your take? Cancel reply

Subscribe

Savings Spotlight
  • 1

    PC Cooling: How to Set up Computer Case Fans

    September 25, 2015
  • 2

    5 Ways to Stream from PC to TV or Digital Display

    May 23, 2016
  • 3

    How to Choose the Correct RAM Upgrade

    April 28, 2015
  • 4

    How to Troubleshoot a PC Power Supply

    July 11, 2018
  • 5

    Four Apps that Make Your Tablet a Second Monitor

    January 9, 2018
  • 6

    2019 Solid State Drive (SSD) Buying Guide

    December 6, 2018
  • 7

    6 Reasons Your PC is Slow and How to Fix It

    February 28, 2019
  • 8

    How-to Guide: Small Office Network Setup

    December 20, 2018
  • 9

    Born in the USA: Computer Hardware Made in America

    September 27, 2018
  • 10

    Computer Monitor Buying Guide 2019

    January 4, 2019

Newegg + Business

How is this different from Newegg.com?

Why NeweggBusiness?
  • Facebook
  • Twitter
  • Linkedin
  • Email