Organizations should support telework as a component of their business continuity plan, which requires the ability to rapidly transition to a partly or wholly remote workforce. Doing so creates new networking and security challenges for an organization since the company network is being used in a very different way from on-site employees.
Securing a remote workforce requires identifying and deploying security solutions that meet the needs of the employees and the headquarters network. The majority of employees only need secure access to the corporate network and cloud-based applications, which requires VPN access and multi-factor authentication (MFA). Network administrators and executives may have additional network requirements, such as persistent connectivity and a secure telephony solution. The organization’s headquarters network must also be capable of supporting and securing the network connections coming from the vast majority of an organization’s workforce, requiring robust user authentication and advanced perimeter security.
The ability to support remote workers can help improve an organization’s business continuity plan. It allows the organization to adapt when unforeseen circumstances, such as natural disasters or a pandemic, make it impossible for employees to work on-site.
Under these circumstances, an organization may be forced to rapidly transition to a mostly or wholly remote workforce. When designing or implementing a telework solution, it is important to consider not only networking requirements but also the additional security concerns created by remote work.
Meeting Basic Telework Requirements
Employees may have different requirements of their remote work environment. However, all teleworkers have a set of basic requirements to ensure that they have a secure, authenticated connection to the enterprise network. These include access to a virtual private network (VPN) and a strong authentication solution to protect accounts from compromise.
Virtual Private Networking
When teleworking, an employee will be processing sensitive company data on their home network. Protecting this data against compromise requires the ability to ensure that a teleworker’s connection to the company network is secure. Teleworkers must have access to a VPN that provides direct and encrypted connectivity between their machine and the corporate network. This not only protects the confidentiality and integrity of sensitive company data in transit but also ensures that all traffic between the employee and the public internet is monitored and protected by the organization’s existing cybersecurity infrastructure.
With employees working from home, there is an increased probability that stolen login credentials, combined with access to an unattended machine, could enable unauthorized access to a user’s account. In these situations, many of the features used to detect anomalous access patterns, such as the location and time of the authentication attempt, may not be applicable as employees’ work patterns shift due to working from a home office.
Securing access to the corporate network, resources, and data requires a more robust authentication solution than traditional usernames and passwords. All teleworkers should be issued a secure authentication token. Options for MFA tokens include physical devices such as a key fob or software-based solutions such as a mobile application, which can be used to verify a user’s identify before they are able to initiate a VPN connection to the corporate network or access other sensitive company resources.