Security

Remote work infrastructure requires on-prem network changes

The stay-at-home orders came quickly and with minimal warning. Chances are you turned off the office lights, locked the door and headed home. Maybe you gave little thought about how to adapt the network for the change in network traffic as employees switched to remote work.

During this time of working from home, the network change requirements will be different for nearly every enterprise as they address their remote work infrastructure. If all employees are working from home, you could shut down some network components. For instance, you could shut off the switches supporting employee offices to save on power and air conditioning. Wi-Fi can also be shut off, but if some employees are still going into the office, then the parts of the network they use must be left on.

Working from home also means much more video conferencing, which may be beyond what your remote work infrastructure was designed to support — and beyond the capacity of the internet links you’ve contracted. If that’s the case, contact your network service provider to request additional capacity. But, because providers may be dealing with many similar requests from other customers, be prepared that they may not meet your request quickly.

As a short-term fix to the link capacity problem, spread out large meetings throughout the day. You may find, for example, that capacity problems are hitting on Monday morning when many meetings are scheduled to set tasks for the week. You will need to agree upon a schedule to spread the meetings out throughout the week.

Even if your internet links are sufficient, traffic may be backing up in the demilitarized zone. If so, you may need to add resources to those components. This may occur if you succeed in purchasing more bandwidth for internet links.

Remote work infrastructure tips

Managing remote work security

Security is always a major issue in a remote work infrastructure, and employees working from home add additional risks. You may have already assigned different levels of login privilege depending on what resources each employee needs to access. But some employees may not have been permitted in the past to work remotely due to the data they must access. If so, changes to login privilege definitions may be needed so work can continue.

Implementing these practical changes now may prove valuable in the future.

If employees are using their own computers, it’s critical they are running antivirus software. Installing a network access control product can help ensure security software on employee systems is up to date and traffic is inspected as it arrives at the corporate network.

Login security can be increased by adding an additional factor in the authentication process, such as texting a one-time code that must be entered after entering a password or adding the use of a security token. Also, with phishing as a major threat, consider requiring employees to complete a course that teaches them how to spot phishing attempts.

Since additional remote logins make more use of VPNs, it may be necessary to add resources. Traffic to corporate VPN terminations can be reduced by using the split tunneling feature found in some VPN products. This feature splits traffic so only traffic destined for the corporate network is sent to it, but web browsing and similar traffic does not consume resources on the corporate network.

On one hand, the current situation is expected to be temporary, so some of these steps may not be considered long-term fixes in a remote work infrastructure. On the other hand, the full duration of the coronavirus pandemic is unknown and may flare up again in the near future.

Ultimately, some enterprises may find value in allowing employees to work from home for part of their weekly workflow. Working from home may even improve their performance. So, implementing these practical changes now may prove valuable in the future.


Source link

Tags

About the author

GG

Add Comment

Click here to post a comment

Your email address will not be published. Required fields are marked *

Do NOT follow this link or you will be banned from the site!