Ensuring your employees can access what they need
Why improved access is important, how to fine-tune your processes, and do’s and don’ts for the best results.
Why this is a Key Area during COVID-19:
When working from home, your employees should be able to access what they need to do their work just as they do when working at the office — or at least as close to that as possible. The more teleworking feels normal, the better.
Most organizations have a plan for remote access but typically it doesn’t include your entire IT environment. And chances are it was not set up to accommodate everyone working remotely at the same time. To avoid bottlenecks and calls to IT for help, have a plan that spells out remote access protocols. To handle heavy remote access traffic, have (at a minimum) one or more VPN clients that can accommodate all of your users simultaneously. And to protect your company, have a web gateway to authenticate employees at login.
Fine-tuning once you’ve transitioned to remote working:
As your workforce began working from home, you may have had to work out some kinks with remote access (see below for do’s and don’ts about the basics). Now is the time to evaluate how you’re doing so far and to start looking at related short-, medium- and long-term strategies. You can ask:
- How closely do our remote-working processes mirror what we can accomplish while we’re in the office? Ex: Permissions, easy (yet secure) access to the network resources, login efficiency, VPN bandwidth, end-user support.
- Is our team satisfied with their ability to get work done?
- Are we adequately protecting access to sensitive documents and data?
- Can we continue to meet our business needs if we operate in this capacity for the next few weeks (or months) and if we need to do this all over again in the future?
Managing the basics during COVID-19:
For a real-life example, see below.
Have at least two secure remote access methods. You need a backup method because ost IT environments were not designed for all employees to work remotely at the same time.
Establish a temporary access protocol for teleworking. Decide in advance how to manage information access for employees who will only need it for a short time.
Make sure administrators can remotely access workplace systems that are typically closed. You also need to be able to remotely control (or at least monitor) systems such as security cameras, lighting, and environmental controls.
Consider augmenting on-premises files with auditable cloud-based file systems. Employees need to be able to edit work files and managers need to have an audit trail for versions.
Don’t let employees use personal platforms for business. While it can be easier to copy files into an app like Dropbox to work on them, this puts company information at risk.
Don’t get frustrated if things aren’t working seamlessly at first. It may take some time for your IT team to work out the teleworking kinks. Report any problems then give IT some time to work through them.
Don’t stay logged into the VPN when you’re not working. Since VPNs can handle a certain number of concurrent sessions, not logging out could slow internet speed for others.
Don’t leave work files open when you’re not working on them. Family members wouldn’t purposefully delete work product but mistakes happen.
An example of how to manage this key area
A financial services company had just transitioned to centralized Virtual Desktop Infrastructure (VDI) to improve security and efficiencies. When COVID-19 hit, the company was able to scale up overnight, enabling everyone to work from home using their personal computers if needed. To manage access to personal printers and scanners, Leapfrog updated the VDI configuration then rolled it out to all employees. By having VDI in place, the company was able to pull off the mass transition to teleworking efficiently and securely.
Additional information from our blog and partners
- MFA During COVID-19: Eight Ways To Be More Secure
- Can’t Find New Computers? Consider VDI During Supply Chain Disruption
- Varonis: COVID-19 Threat Update #1 (video about phishing, VPNs and monitoring)
- SecureWorks: Maintaining Cybersecurity in the Face of COVID-19-driven Organizational Change