Story image

Are your remote workers causing you a headache?

25 Mar 15

With more people than ever working away from a central office, IT departments need to have an effective way to secure the devices these people are using and securely access those machines if things go wrong.

The way in which we work has been transformed in the past five years, and staff could literally be based anywhere and on any sort of device. This has understandably had a dramatic effect on the average IT department, which now has its work cut out to keep control of an increasingly distributed user base.

Add to this the fact that, as the threat landscape continues to grow, security is a prime concern for any organization, and you have an environment that could well be seen as perfect for an IT disaster. The reality is that remote devices are more susceptible to infection than those that remain within the confines of a secured office environment; for a start, laptops are often more frequently connected to public Wi-Fi networks, exposing them to countless threats.

It can, of course, prove highly impractical for a user to return a laptop to the in-house IT team every time something goes wrong, so it’s important that companies have the ability to fix as many issues as possible without being able to gain physical access to the machine in question.

So where do you start, obviously setting strong passwords, frequently changing them and using smart cards, is one way to provide an extra layer of security for your colleagues, but this isn’t going to help with maintenance.

You need to take a layered approach to your security and maintenance, this should be something that includes remote support, but also handles on-going monitoring of remote machines and works effectively when fully or partially disconnected from the network in the office. (If you need to clean an infected remote laptop, you don’t want the user to open a virtual private network (VPN) into the production network so you can fix it.)

Using remote desktop protocol (RDP) to manage the workforce, is one way but again this isn’t wholly secure as it opens a port in your firewall, effectively leaving you open to attack. This is where using a remote control service can really help (see this recent blog I wrote for more insight here).

As I mentioned above, remote machines can present a real danger to the network, so the more visible they are to you, the better. If unauthorized software has been installed, it’s important that you know straight away. Asset tracking can prove invaluable in this situation.

If that wasn’t enough, it’s also quite easy for a remote user to continually ignore important patches and updates either through negligence or a simple lack of understanding. Here, patch management should be used to ensure remote machines are up to date.

The more distributed the workforce is, the more crucial it is to have constant visibility into all devices on the company’s network. A scheduled check for each machine is simply not enough – or realistic – if you want to avoid unpleasant surprises that cut into your free time.

With an increasing number of organizations actually looking to improve the user experience for those employees that chose not to be entirely based in the office, this situation is only going to get more difficult for the IT department. So if you’re not addressing this issue now then you need to be doing so as soon as possible.

For more information and some helpful hints on managing a remote workforce download our free white paper.

Ian Trump is ControlNow security lead at LogicNow

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Apax Partners wins bidding war for Trade Me buyout
“We’re confident Trade Me would have a successful standalone future," says Trade Me chairman David Kirk
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.