Working remotely isn't a new phenomenon, but what is new is everyone working remotely. With that sharp increase in remote workers comes several challenges. In a business-as-usual environment, the decision to begin a work-from-home program would take weeks or even months of planning. Once the plan was developed, the concept would be tested and slowly rolled out while leadership managed and monitored how it was changing the business.
This methodical, planned approach completely shifted with the pandemic. In March 2020, many companies took "work from home" from concept to production in a matter of days. This was done out of necessity, and it is likely that in the haste of immediate action, lots of details were missed. Now that work from home is a reality, here are three things that should be top of mind.
Capacity: Where are your bottlenecks?
The COVID-19 pandemic created a disaster recovery (DR) scenario that many companies had not included in their planning. Traditional disaster planning was focused on infrastructure that had been compromised or a failure or outage that made the resources difficult or impossible to reach. With COVID-19 this was not the case.
Instead, COVID-19 changed how we work. It forced people out of the office into remote work locations and created a need for large numbers of remote users to have concurrent access to centrally located resources. In order to be successful in a situation like this, businesses must have a plan to quickly and easily scale infrastructure to support the additional simultaneous users.
This may involve standing up new servers, expanding network infrastructure, increasing bandwidth or installing additional security and access management software. This may lead to new hardware appliances being installed and addressing network or operating system update prerequisites as well as client software rollouts. The list goes on and on. Partnering with a cloud services provider can take the effort and expense of doing physical upgrades off of your plate as the service provider can turn resources up and down as needed and you pay for what you use.
Network access: Limit your exposure to outside threats
Long gone are the castle-and-moat days, in which there was clear delineation between those inside the enterprise and those outside the enterprise. As we moved away from that model in recent decades, we adopted infrastructures, policies and procedures that accounted for some users being outside the firewall and needing access to some applications.
In today's world, we have everyone outside the firewall and they are accessing everything. Companies have dramatically increased the number of remote access points, thus increasing their exposure. The danger is that once a device is connected to the VPN it has access to the network and creates a path for hackers to exploit. Therefore, it's important to take additional steps to ensure security.
For starters, review your password authentication policies. The Verizon 2019 Data Breach Investigations Report "linked 81% of data breaches to weak passwords" which implies that password-only authentication probably isn't enough. A remote access system secured only by a password is a prime target for attack and highly vulnerable to exploitation from password leaks. Consider two-factor authentication with a text or email code to complete the authentication process.
For remote access systems with on-device software clients, regular updates are essential to protect clients from vulnerabilities and exploits. Outdated, unpatched software can be a profitable target for malicious hackers, and if breached, can expose the organization's data and networks to cyberattacks. A well-designed remote access system will validate specific criteria such as antivirus and patch levels on a device before it can connect to the network.
Backup and disaster recovery: Be prepared for the worst-case scenario
With everyone working remotely, the challenges associated with downtime can be much greater than when workers are in the office. Here are a few things you might want to consider:
Communications - In the event of an outage, it may be difficult to communicate with remote users. Corporate email and collaboration systems may be down, so you should consider developing an alternative communication strategy (such as a mobile texting system) so you can broadcast updates or deliver instructions.
Backup systems - Remote working may require additional server capacity, which necessitates an increase in backup capacity. Your backup system needs to be capable of scaling along with your server growth. If your current backup strategy is challenged, consider moving your backups to the cloud. Most backup software can attach to remote storage systems in the cloud so you can expand capacity as needed.
Disaster recovery plans - In the event of a disaster that would require remote workers to fail over to a secondary site, remote workers need to be equipped with the information they need to make the change. Consider creating documentation for this process before you need it.
With the desire to reduce costs and many companies having fewer associates to carry the load, addressing these issues can seem daunting. The good news is when you only pay for what you use - people and resources - an outsource model can be pretty cost effective.
If your company is looking for assistance in managing or scaling your remote access solution or just needs someone to review what you have done and make recommendations, Racksquared can help. We have the expertise, technology and infrastructure to support your IT needs. Want to learn more? Contact us at firstname.lastname@example.org to see how we can help with your remote workers