Maintaining Security within Work at Home Programs
April 4, 2017
Allowing employees to work from home has well-documented benefits, including higher productivity, better access to talent and a potential for massive cost savings. While those business benefits are tempting, many companies hesitate over one (very well founded) concern: security.
Data security is hard enough to ensure when all employees are working from corporate offices, so it’s only natural that many business owners and boards of directors would naturally assume security would be harder to maintain with remote workers. Luckily that’s not the case. In fact, there’s evidence beginning to emerge that the opposite is actually true. Manny Ladis, Dizzion Co-Founder and VP of Business Development, attended Remote Working Summit 2017 and heard Jim Farnsworth, EVP of Sykes, share the fact that fraud and data theft actually occur at lower levels with remote workers than with on-site employees. (You can read more of Manny’s RWS 2017 takeaways in his re-cap blog post, What I Learned at Remote Working Summit 2017.)
Still, any self-respecting IT, security or risk management team is going to pay special attention to security measures for remote workers to ensure they’re doing all they can to protect corporate intellectual property and sensitive data. To help achieve that goal, here are a few key steps and management features that should be accounted for before a remote working or work from home program is rolled out.
Implement Strict User Controls
There are many high-risk computing functions, even common ones, that can make a data breach – both intentional and accidental – easy:
- Copy/paste
- Screen capture
- USB access
- Saving to an unapproved location – locally, externally or online
- Printing
Taking these functions away from employees that don’t need them can go a long way in preventing a breach. Classify remote workers into use case groups and define that functions and features they need access too, then lock down anything else with group based controls. You wouldn’t give employees access to a licensed application that they don’t need for their job function, so why should computing functions be any different?
If an incident occurs, make revisiting controls part of the incident response process to assess if any further limitations need to be implemented.
Make it Easy for IT to Update & Patch
Keeping applications, operating systems and security measures up-to-date is a vital component of any security program. This process can be difficult enough before you add in endpoint devices a centralized IT team can’t easily access.
If your company is considering implementing a large remote working program, it’s imperative that IT has a way to quickly and easily access remote devices to make necessary updates. Employees cannot be relied on to update antimalware, antivirus or other security-critical software and asking IT teams to remotely access individual machines is time consuming and leaves untouched devices vulnerable until their turn comes.
Remote IT access is also important in cases when employees are suddenly no longer part of the organization – it can be critical that access to data, applications and other systems is cut off quickly. While ideally the organization would get any company issued devices back, in reality that doesn’t always happen. If that’s the case, you need to ensure that corporate data isn’t still accessible on your now lost machine.
If Allowing BYOD, Make Sure the Work Environment is Isolated
BYOD is popular with employees and employers alike: Employers enjoy cost and resource savings from not having to provide and maintain devices while the end user gets to work on a device they are familiar with and like. However, BYOD might as well be called BYOPD (bring your own personal device). Few people purchase a secondary computer for work in BYOD situations, instead using a single device for both work and personal use.
This can pose a problem as sensitive work documents are being accessed and saved alongside personal documents and in an environment where they’re easily accessible when an employee isn’t in the security-focused working frame of mind. The wrong document (containing sensitive information) could accidentally be attached to an email to friends. A family member using the same computer can easily open a document or log into an application they shouldn’t have access to. To ensure that corporate data is secure with BYOD (whether utilized by remote workers or in-house employees) it needs to be isolated.
Ensuring sensitive data is isolated and password protected also helps in situations when devices are lost or stolen.
Rolling It All Together
The security measures required for a successful and safe work at home program aren’t unusual, and many are just as useful for in-house employees as they are for remote workers. But finding a solution that allows IT teams to easily implement all the recommended measures saves immensely on time and management resources.
Desktop as a service (DaaS) allows for centralized IT management that makes it as easy to manage remote devices as in-house devices. Customizable Golden Images set up for specific use cases makes it easy to roll out working environments with exactly the right security measures to any employee quickly, allowing remote workers to attain productivity faster and more securely than with traditional on boarding. If an update is need or controls need to be tightened, the Golden Image is updated and those changes are pushed to end users without touching each individual device.
As a virtual desktop solution, DaaS also addresses the need for secure environment isolation. No matter what device employees are using – personal or work-issued – data is never stored on the endpoint. Instead, it’s only accessible behind a secure login, vastly limiting the potential for accidental access or exposure.
DaaS centralizes IT management so that internal IT teams can easily manage both in-house and remote employees without additional effort or security concerns. As organizations begin embracing remote working programs, internal processes need to adapt to address changing needs without causing additional security vulnerabilities. Having the right policies, procedures, processes and solutions in place is crucial to success during this transition.
You may also like:
More Posts like This
Chromebooks: An Inexpensive VDI Endpoint Option for the Right Use Cases
Feb 23, 2023
Chromebooks are an inexpensive end point device that are an excellent option for virtual desktop environments. ChromeOS enables IT to deliver secure devices, fast deployment, and cloud-first management. READ MORE
Announcing Dizzion Managed Desktops on IBM Cloud
Apr 13, 2021
Dizzion extends AnyCloud global delivery with new Managed Desktops on IBM Cloudâ, featuring VMwareâ Horizon technology Earlier today, Dizzion announced ...READ MORE
Remote Working / Work from Home Takeaways from a Tumultuous 2020
Jan 07, 2021
A retrospective from Dizzion & Pure Storage® — First, the backstory of Dizzion and Pure Pure and Dizzion have ...READ MORE