American companies are responding to the Coronavirus effectively. Large scale organizations got ahead of the game and almost immediately implemented work from home (WFH) policies. These significant moves should help slow the spread of the virus.
This shift to WFH will not leave us after the virus passes. It will fundamentally change the work environment for us permanently.
We’ve seen this before. The dot-com boom forever marred the work-life balance that people enjoyed before the boom. After the dot-com bust, that balance never returned. We still have a melding of work and personal to the point where they are not separated any longer.
In the same way, WFH will stay with us after the virus has passed. We must acknowledge this and ensure that we do WFH right. Fortunately, we have a significant lead on this and know what we need to do.
WFH can lead to several security issues. We must manage them to protect our organizations. If an employee logs into your corporate systems on a home machine that his kid has gotten infected with a key logger, you have potentially given up your business. If an IT person opens an insecure access method into the network to expedite the ability to WFH, it may have opened up a door that would allow a criminal to gain access. We must control access into systems to ensure that we are protecting the corporation.
WFH is yet one more reason to double down on standards to ensure the organization stays secure as it enables employees to work in these troubled times.
Fortunately, we are way ahead of the curve on the need for laptops. Many organizations have gone to only buying laptops instead of desktops. This move has enabled people to shift to a WFH mentality quickly.
We must ensure these laptops are protected while at home. Most organizations have this in place already, but if not, there are many systems out there that can manage the laptops wherever they are.
Finally, we are seeing some companies making a rush to get laptops for those holdouts that still have desktops in their environment. But, as mentioned, we have a significant lead on this.
Remote Access: VPN
IT must ensure that remote access methods are secure. There are a couple of obvious points to be reviewed. The first is VPNs. VPNs are a great way to get a remote user to have access to systems. Unfortunately, too many configure the VPN to open up the network to the machine completely. This makes sense when the WFH employee is using a work managed machine, but could put the organization at risk if the VPN is installed on a personal device.
There are several ways around this. The first would be to implement technology that reviews the machine as it establishes the connection to ensure its patched and running antivirus. The machine is logically put into a sandbox if it isn’t and remediated to ensure it is protected before access is granted. This is a great solution for this problem.
The second and more basic option is to only open the access on a limited basis so that the user only gets access to what he needs. If a user needs to access the ERP system using Chrome, then only allow that access. Don’t allow the user to map drives to the database that the ERP system utilizes. That will significantly protect the environment over what a full open VPN would do.
Remote Access: Citrix/Microsoft
Employees do often need access to systems like they are at the office. This includes times such as when engineers need access to large CAD files, when the latency of accessing remotely is too high, etc. Companies typically turn to remote capabilities like the ones that Citrix and Microsoft offer.
We must ensure that this access is secure. A prominent example of an insecure deployment would be when IT spins up a Terminal Services server to enable RDP access. This is one of the most common ways criminals break-in. Ensure your IT isn’t doing this. There are many secure ways to enable these types of remote access. Not doing so will lead to a complete disaster.
Company IT Security
With the prevalence of WFH, it simply is one more reason that IT must ensure that its corporate resources are secure. Review should be performed for the following:
- Security standards and Active Directory security
- Firewall and other traditional network security steps
- Administrator tiers and security
- Server and Desktop security
Hundreds of Standards must be implemented to ensure the environment is safe. This has always been critical, but now with the increase in WFH, it is more critical than ever.
The biggest challenge: The team
The biggest challenge to the WFH effort will be the impact it has on the team. Losing the personal touches experienced in the office can significantly impact the relationships we’ve built. Employees must work to lead with video over phone calls to help protect this bond that is easily created in person.
The WFH spurred by Coronavirus is an inflection point. We have to get it right so that we can benefit from this change. This will take hard work and persistence. Ultimately, it is much more than an IT problem, but IT will play a critical role in ensuring its success.