How IT Teams Have Ramped Up Security Measures for Remote Work

I hope everyone reading this is doing well in this time of crisis.

In recent weeks, COVID-19 has turned our lives upside down, forcing businesses to shut down, and everyone who can, to work from home.

IT teams have had to prepare entire organizations to work remotely on a very short notice, and most have done a stellar job.

I want to highlight the security measures that IT teams around the world have taken to ensure information security while enabling entire organizations for remote work.

There are 2 distinct use cases for implementing IT security measures across the organization, depending on the kind of devices being used by employees, while working remotely.

They are:

  1. Company issued machines; and
  2. Personal devices

Let’s take a look at:

  1. Security Measures for Company Issued Machines:

a. VPN: VPNs are a cheap and effective method for enabling remote access to company infrastructure, but they have their limitations. Private machines can not be allowed access to the company network through a VPN as they might carry malware that will infect the company network, so this approach is limited to company issued machines.
Some popular VPNs are: Palo Alto Networks’ GlobalProtect, Cisco AnyConnect, and Citrix Gateway

b. Multi-Factor Authentication: Multi-Factor Authentication is a robust method for remote logins into corporate accounts – by authenticating a login via an OTP or apps like Duo or Okta. This method is used on both company issued machines, as well as personal machines.

c. Virtualized Desktop/Apps:

i. Deploying virtual desktops – Host desktop hardware is hosted centrally and multiple virtual OS instances are created from an OS image, using a hypervisor (like VMWare Horizon). The user logs into their respective instance with credentials via a thin client, laptop, or mobile.
ii. Deploying app virtualization software – Application is hosted centrally and multiple app instances are created using an app virtualization software (like Citrix Virtual Apps). The user logs into their specific instance with credentials via a thin client, laptop, or mobile.

2. Security Measures for Personal Machines:

a. Moving to cloud-based LOB systems: A cost effective method to quickly and securely enable remote work is by moving LOB systems to cloud-based alternatives. For example:

i. Moving email servers to cloud providers like G-suite, Exchange Online
ii. Moving file servers to cloud providers like Google Drive, Dropbox
iii. Moving ticketing to cloud-based service desks like Freshservice, Spiceworks.

b. Remote Desktop Control: Users can not be granted access to the corporate network through a VPN on their personal machines as their personal machines may not be fully secure. In these cases, a viable alternative is providing remote desktop access through products like Splashtop combined with MFA and predefined access rights.

This is a very basic roundup of the security measures being taken by IT teams around the world to enable remote work. This list is by no means exhaustive.

If you have any questions, corrections or suggestions, feel free to write to me at ankit.ranjan@freshworks.com.

While this is a difficult time for all of us, and we will get through this together.

For now, stay home, stay safe.

And remember:

“Security doesn’t take a break because of a human virus”