Skip to main content

Designing a secure remote access plan

Technology
(Image credit: Image Credit: Bbernard / Shutterstock)

 

For many organizations, prior to last year, remote access was a “nice to have.” Now that we’ve all flashed forward to 2021, it’s a business continuity essential. With predictions that remote work will double its pre-pandemic levels and with cyberattacks on remote workers on the rise, it’s imperative for organizations to think through how and when they allow employees to access IT resources. Having a remote access plan is essential to staying secure – and productive – in our new remote and hybrid world.

A remote-access plan is a key part of an organization’s digital transformation. It sounds obvious, but prior to the pandemic, 80 percent of companies did not have a remote access plan in place. It’s been a year of playing catch up, but now that many companies are coming out of crisis mode, they are looking at the future of work and making long-term decisions about how they’ll handle remote access. 

A well-designed remote access plan provides access to the required corporate data and applications for users when they’re off-premises. While right now employees are largely working from home, in the near future they’ll be visiting client sites and attending conferences, and a remote access solution keeps them productive while on the road. It also provides additional opportunities to collaborate no matter where your users are.

Remote access isn’t just necessary for productivity; it’s a strategic decision as well. With a robust remote access plan in place, you can recruit or bring on talent from anywhere in the world. You’ve heard the stories of workers moving out of commuting distance during the pandemic. If you force them back to the office, you’ll lose them to someone who won’t require them to be on site.

Even for those returning to the office, a good remote access solution supports valuable business applications – namely, moving to the cloud. A move to the cloud turns capital expenses into operating expenses and allows for the flexibility to expand and contract as needed. Cloud resources are inherently remote, even when accessed from the office, so a remote access plan is required to utilize them efficiently.

And finally, while the pandemic has been an extreme test of business continuity, it’s not the first time a disaster has kept employees out of the office, and it won’t be the last time, either. Remote access isn’t about allowing everyone to work from home; it’s about allowing everyone to keep working – period – no matter where they are or what they need access to. 

When thinking about remote access, there are a few things to keep in mind, particularly around security.

Define an MFA strategy 

Sometimes organizations worry that multifactor authentication will be disruptive to employees. But resources exposed for remote access absolutely must be locked up securely, and MFA should be part of your remote access plan. 

While you might decide to allow users on the network to log in with single-layer authentication, remote users should need to pass through MFA almost universally. If you have a preferred MFA provider, be sure to design it into your remote access solution. And if you do not, it’s time to think about getting one.

Implement access control rules 

Remote access doesn’t mean remote access to everything. Don’t give away the keys to your kingdom by allowing every authorized user to access everything. Separate access into pools, limiting each pool to only the users who need it. Limit access further by applicable metrics, like time of day or length of time, when you can.

Focus on a VPN-less connection 

As many organizations quickly learned in March 2020, VPNs are a bottleneck when overtaxed. VPN-less connections save on cost, save on resources and most of all save sanity by giving people a performant connection. When looking for a VPN-less connection solution, consider the display protocol used for the user’s connection, whether RDP or another solution for more graphics-intensive workloads. Ensure it is compatible with your gateway solution and the tasks users need to perform.

Also consider how the access will work for the end-user. Create a hybrid environment that users log into once for access to everything. It’s a better user experience and it provides you with the flexibility to future-proof your environment when you want to make changes without disrupting the user experience.

Use processes and technology that support zero trust 

Zero Trust is a security term that focuses on the idea that any user should be authenticated before they access a resource, whether they are doing so from inside the network or remotely. It centers on ensuring you know exactly who is tapping into your network and resources at any time. When you’re putting together a remote access plan, engage technologies that support Zero Trust. This includes MFA, access control, and usage tracking.

Monitor who is using what resource, from where, and for how long so you can react to changes in user behavior that might indicate a bad actor. 

As companies forge a path forward post-pandemic, it’s important to realize that the world of work has changed. “Digital transformation” is a major buzzword, and a secure remote access plan is key to achieving it. Thankfully, “remote” no longer means “separate”, now that we have technologies to keep us connected.

Karen Gondoly, CEO, Leostream

Karen Gondoly is the CEO of Leostream, a leading provider of high performance remote access.