On the face of it, working from home seems like an great prospect. But, from a technology and Cyber Security perspective, it actually raises a few serious problems. These past few years have seen us asked how to work from home more than any other question.
So we’ve written this guide to help business owners, managers and staff understand what’s involved in working from home… securely.
For most organisations, the security of personal data is absolutely crucial. This can be because they work with sensitive data and don’t want that information becoming public, or it can be because their customers trust them with their personal information. Whatever the driver, it’s imperative that when thinking about how to work from home no more risk is introduced than working in the office.
In the good ol’ days, computers were contained within an office. That office had a network protected by a firewall and lots of other security provisions. All these security measures were ringfenced within that one geographical location.
As people started to work outside the office a simple VPN would suffice for the rare occasions staff travelled to client sites, coffee shops and worked while on train journeys.
As staff began to spend significantly more of their time working away from the office it has become clear the original ringfence that traditionally protected businesses was becoming more and more fragmented. Like any good fence, it’s only as strong as the smallest hole.
Some of the problems with working from home (and being outside the fence) included:
As alluded to above many staff didn’t want, or didn’t have space for, a work computer at home as well as their own personal computer(s). It makes sense to many people that they should be able to use their home computer to work from instead. They wanted to “Bring Their Own Devices” (BYOD).
These changes have all come about very quickly. In fact it’s one of the fastest changes in technology we’ve seen in our many years of serving our customers.
Thankfully though, Microsoft, Amazon and Google have produced some great solutions.
The safest way of remaining secure depends on one very important factor, who owns the device?
Always on VPNs were introduced by Microsoft recently and are a great way to bring a computer back inside the fence. Think of a VPN as a very long cable that connects the computer to the office network. An Always on VPN is very similar to a traditional VPN except it is the computer that is authenticated and not the person. This means that, even when travelling, the computer is segregated from untrusted networks. So whether it’s in a coffee shop, dining room or hotel the computer is only allowed to access the internet ‘through’ the company network.
Unlike traditional VPNs, Always on VPN’s can’t be turned off or bypassed by the computer user.
Personal devices that are not owned by the company cannot have the companies standard security precautions applied because the company doesn’t own them. For example blocking USB ports is probably going to upset the family if forced upon by the company.
The solution is Microsoft Windows Cloud PC as it creates a virtual computer on the cloud. That virtual computer lives in a secure virtual network that is connected to the office network. The great benefit of Cloud PC is that these virtual computers are all within the ringfence of the companies standard security controls.
This virtual computer can have all the company apps, security rules and protection that the office computers need while being accessible from the staff’s own personal computers.
As we’ve discussed above, the most important thing to know about how to work from home is who owns the computer.
If it’s a company owned device ask us about Always On VPN.
If it’s a staff owned device, talk to us about Windows Cloud PC.
Whichever option you choose, or even if you’re still unsure, please talk to us so we can fully understand your situation and which option suits your business best.
No comments yet.