Carl Eberling, Chief Information Officer, Forcepoint
As the COVID-19 (Coronavirus) continues to affect globally, many companies to implement work from home plans to keep its employees safe and restrict the spread of the disease. At the same time, businesses are investing on the technology infrastructures to enable employees be prepared to ensure business continuity of their customers in securely and effectively from any location in the world.
Here are some tips to secure and enable remote workers:
• Rely on your organizations’ emergency preparedness or business continuity plans.
Now’s not the time to re-invent the wheel. Use this opportunity to validate work from home security and
o Understand workflows by department to better understand what applications those groups of employees need to get their jobs done.
o Implement a rolling work from home policy for a limited number of employees or locations at a time in order to test access by department or work type.
o Spend time thinking through your communication strategy. Will you communicate at the department level? Regional or office level? How will you communicate the most important updates to all employees?
• Test your security plans for both access and capacity.
Key here is to think through how well your existing security strategy scales to accommodate a large increase in
o Are you factoring in requirements for on-premises, cloud applications and hybrid environments your employees need to access to do their jobs?
o Does your single-sign-on platform incorporate appropriate levels of security? If not, what gaps need to be addressed?
o On the cloud application front: do the cloud applications your employees use have appropriate levels of elasticity? Can you easily scale to hundreds or even thousands of users to support bursts of users?
• Test your VPN for both security and capacity.
A strong VPN strategy is a foundational piece of keeping people and data secure. This is even more true as
organizations plan to accommodate large groups of remote workers.
o Understand the total number of remote workers you need to support and plan a 2x VPN capacity of that number to ensure consistent operations.
o Test for security and capacity at the department level. What applications do marketers need to use compared to developers or finance and accounting? Like mentioned previously, a rolling work from home program can help you test at this level.
o Create separate private, performance-focused VPN connections for dedicated groups of employees to accommodate critical work. For example, you may create a specific VPN for accounting team members to access during end of quarter activities. Or you may create a specific VPN for development team members to accommodate their building key feature enhancements to internal core business applications.
Emergencies like these happen and that’s why organizations create business continuity plans in the first place. Companies need to use these opportunities to validate and scale work from home assumptions. Make sure your VPN and broader security strategy covers all applications your workforce needs to do their jobs no matter where those applications reside. Following the above tips can go a long way to ensure organizations’ security without sacrificing employee productivity.