The Total Picture: An Increasingly Remote Workforce
The modern workforce is more remote than ever, and that trend is only increasing. There are a few reasons for this; chief among them the cost-effectiveness which surfeits remote solutions. Several aspects of a remote workforce need to be addressed, including:
- BYOD and MDM
- Managing Unique Devices
- Cloud Access Considerations
- The Value of Monitoring and Support
BYOD and MDM
BYOD, or Bring Your Own Device, actually increases employee productivity while reducing operational cost–when properly managed and implemented. An MDM (Mobile Device Management) solution can be leveraged to ensure that the BYOD device only gains access to the applications and data associated with that user’s profile, while preventing data loss in the event of the device being lost or stolen. Additionally, for MDM reasons, it also may make sense to leverage DaaS, or Device as a Service. Basically, instead of a hundred employees with a hundred unique computers in a BYOD paradigm, or the associated cost which comes from supplying these devices out of the business’s budget, you “rent” end user equipment like laptops, tablets, and smartphones. You utilize cloud computing as a data repository, accessed through the web, making the devices themselves essentially expendable. Outsource internal server arrays, and even a smaller SMB (Small to Medium-sized Business) stands to save tens of thousands annually.
Managing Unique Devices
But, as with anything good, there is a catch. When it comes to remote solutions, unique security threats exist. If you’re supporting BYOD, for example, unique devices will have unique programs, applications, and other software which could contain hidden malware. Trojan viruses are apt to hide in third-party software. An employee with an after-market dating app on his or her smartphone could be ushering in a pernicious virus to your network entirely unaware.
Consolidation of what is and isn’t approved in terms of software for “work computer” use can be difficult. A better way is to put security controls in place, like multi-factor authentication, a CASB (Cloud Access Security Broker), or a DLP (Data Loss Prevention) solution. This would allow employees to gain secure access to the required resources, but not have the ability to remove sensitive data and share it outside the organization’s purview. This keeps corporate espionage from happening while ensuring malware can’t get into the system. But it’s not a system that will work for all employees. Some, after all, are going to have more integral responsibilities which require them to add or remove data from the network for one reason or another. This is where privileged access management (PAM) is necessary.
Cloud Access Considerations
Another threat comes from the fact that users and resources are no longer in a private datacenter managed by the end user. As more applications move to the cloud and are accessed by mobile devices and remote workers, the end user begins to lose visibility and control. An MDM solution can augment device management while a secure access solution such as a containerized VPN can ensure a secure connection to that cloud resource. Many leading CASB solutions now incorporate DLP components to protect the data that is being accessed in the cloud. Traditional VPNs often required remote users to access all resources via the corporate datacenter by tunneling all traffic, but that is no longer desired by most organizations. With more applications in the cloud, there is minimal benefit to bringing the remote user’s traffic back through the corporate infrastructure just to kick them back to a cloud-based resource.
The Value of Monitoring and Support
What’s necessary is some form of monitoring and support which has a continuous nature, provides detailed visibility, and can detect anomalies. Basically, you design a system which uses multi-factor authentication to ensure all users are who they say they are. From there, data addition or removal can only be done by those with proper access credentials. Although there are some security considerations with a remote workforce, the right technology solutions can help you manage connectivity for those users in a secure fashion.
