SymQuest Tech Talk

How to Ensure Secure Remote Access for Work-from-Home Employees

Written by Jean Chaulot | January 27, 2021

With the ongoing COVID-19 pandemic, many employees are working fully remote, and may not be coming back into the office any time soon, or at all. This is slowly awakening IT managers and SMBs to the growing need to invest in secure remote access. Given these circumstances, it’s crucial for organizations to ensure that remote access security for employees is as secure as in-office security in order to keep business assets protected.

Since the start of the pandemic, there has been a rise in phishing scams and other related cybersecurity attacks that remote employees are ill-equipped to handle. It is important now more than ever to educate employees on cybersecurity best practices. For example, Knowbe4 states that 48% of employees report they do not have an employee security awareness training program in place and only 5% of users can effectively spot a phishing attack. These alarming statistics point to a growing knowledge gap between employees and cybersecurity prevention and the ever-growing need to ensure secure remote access for work-from-home employees.

While many organizations understand the importance of practicing and implementing a culture of cybersecurity awareness and prevention, many are struggling with adapting secure remote access protocols. Organizations need to implement a proactive and secure remote access management strategy that keeps remote employee networks safe, reliable, and compliant.

How to Keep Employees Safe with a Secure Remote Access Plan

While organizations may have implemented remote access strategies as a matter of convenience before, they are now a necessity to navigate the access barriers caused by the COVID-19 pandemic. Businesses need to supply remote employees secure equipment, access through a secure connection, an established VPN, and implement a culture of cybersecurity best practices. It is imperative to keep in mind there is no blanket solution when it comes to securing access for remote employees but rather a collection of layered strategies and techniques that should be proactively put in place. 

Issue Secure Equipment to Remote Employees

Small businesses and managers need to remember that their employees are not IT professionals. The prospect of trusting employees to ensure security protocols on personal devices is like climbing Mount Everest without crampons; the intentions are sound but you will inevitably fail due to lack of foresight and proper equipment. Being prepared with the right equipment for a steep ascent will ensure you are secure during your climb up the proverbial cybersecurity mountain.

Organizations can provide three tiers of secure equipment for their remote employees: Bad, better, and best. Here is a breakdown of the three tier system.

Bad: The least secure tier for remote employee equipment is a personal tablet or phone using an Android or iOS operating system.  

Better: Personal computers are extremely vulnerable to cybercriminals. While allowing employees to use their personal devices might reduce equipment costs in the short term, it will not reduce the stress and frustration associated with security breaches and ransomware attacks that will inevitably result. Though better than personal tablets or phones, this option still isn’t as secure as it could be.

Best: When it comes down to providing secure equipment for remote employees, the best practice is to provide remote employees a managed company device or office computer. A managed company computer or device can be secured by IT technicians with next-generation firewalls and antivirus software to ensure the equipment is up to date in terms of security and compatibility.

Implement a Secure Connection for Remote Network Access

When gauging the efficacy of a secure access strategy for remote employees, an organization needs to consider the path in which remote employees access and connect to the internet. Organizations can ensure a secure remote work environment by requiring employees to only access the corporate network through a secure connection. Here are a few connections to consider for secure access for remote employees. 

  • Wired Connection: A wired connection is the most secure method for remote network access
  • Home Wi-Fi: The second most secure network connection is using a secured home Wi-Fi connection. Keep in mind that an unsecure Wi-Fi connection can lead to remote network security breaches.    
  • Public Wi-Fi: While secured public Wi-Fi offers a bit more security than an unsecure public Wi-Fi, best practice is to forgo this method of connection altogether. Remote employees can be exposed to hackers that may also be connected to the same network.
  • 4G/5G: This method of network connection offers more advanced security encryption than public Wi-Fi and, in some cases, home Wi-Fi. 

Supply a VPN for Secure Remote Access

Organizations that utilize a Virtual Private Network (VPN) provide their remote employees a very similar experience to working in brick and mortar locations. A VPN allows an end-user to establish a direct connection between their PC and the corporate network through a firewall. VPNs provide the much needed extra layer of security to ensure continued business productivity during and after this period of disruption. While remote desktop services and applications might suffice for a small office with only a few remote connections, a VPN will be needed to properly secure a business that requires multiple remote connections.

However, organizations need to keep in mind that establishing a direct connection from a home network can still expose the company network to outside cybersecurity threats. Organizations must closely monitor the status of their VPN or delegate the responsibility to a trusted and qualified managed service provider to mitigate these risks.

Empower Remote Employees through Education and Technology

Businesses need to recognize that their employees are usually the last line of defense when security breaches arise. While underprepared and uneducated employees can be a great security detriment, knowledgeable employees can be one of their greatest tools for combating remote security vulnerabilities.

Providing employees the education and technology to protect themselves will empower them to handle remote security risks as they arise. Here are a few best practices that will turn remote employees into a unified cybersecurity prevention army.

  • Multi-Factor Authentication (MFA): Also referred to as two-factor authentication, this enhanced security measure helps prevent unwanted users from remotely accessing employees’ platforms by requiring end-users to provide two or more credentials to access systems or accounts. 
  • Password Policy: Organizations need to set clear password usage standards for devices and remote network environments. By establishing stricter password guidelines, businesses can help protect their network and sensitive information, plus keep their employees safe while working remotely.
  • Computer Encryption: Utilizing encryption technology helps to protect data located on the hard drive (or SSD) of the employee’s computer. If the device or its parts are stolen, the data on it will not be accessible without a long confidential pass key.
  • Anti-Virus: SMBs should fortify their employees’ remote work environment by implementing a managed antivirus. Being managed guarantees that the antivirus is running, has the latest update or upgrade, and that the scheduled scans are running. 
  • Next-Generation Firewall: Installing a next generation firewall for remote employees provides the standard functions of a firewall such as ongoing reporting, logging, and consultation with the additional security benefits of network-based antivirus protection, malware protection, and intrusion prevention.  
  • Remote Desktop Services (RDS): RDS infrastructure is an effective tool that SMBs can leverage to secure access for remote employees. Remote employees can utilize remote desktop services such as Citrix to remotely access the desktop that resides at the corporate office. Just make sure these services are often patched and updated to keep them secure.
  • Employee Training: Make employees an active part of your organization's cybersecurity defense by providing comprehensive employee cybersecurity awareness training. Ensuring that employees are up-to-date, trained, and tested to recognize cybersecurity threats creates a human fire wall that acts as an extra fortified layer of defense.

 

Implementing Secure Remote Access for your Employees

With remote work remaining a necessity for a majority of organizations, the question persists: how secure is my organization with employees no longer working in brick and mortar locations? Businesses cannot wait to find out the answer to this question. Remote cybersecurity is simply not something that organizations can afford to overlook.

By properly assessing and prioritizing secure remote access for remote employees, SMBs can minimize downtime due to security breaches and ransomware attacks, and focus their time and money on other high priority areas. While the longevity of remote work environments is uncertain, the challenge and importance of securing your remote workforce from cybersecurity threats remains clear. Organizations should partner with trained network infrastructure specialists to ensure remote employees have secure remote access to corporate networks and are securely protected from cyber threats during this amplified time of risk, and in the future.