|
 |
|
General Information
|
Add To My Personal Library |
June 23, 2006
• Vol.28 Issue 25
Page(s) 28 in print issue
|
Secure Telecommuting
Security, Management & Standardization Are Crucial For Success
|
Telecommuting is on the rise and spanning the globe as more companies expand borders across continents. For example, a midsized development and manufacturing company in Spokane, Wash., has sales personnel in Africa, South America, and New Zealand, and its accounting and finance staff are spread across Tennessee, Belgium, and the UK. All of these people work from home using remote access through a secure VPN network, and they service clients all over the world. But is their network secure?
“Security is always an issue,” says Michael Brandley, network operations manager at Pyrotek, the company mentioned above. “But we are a global company communicating with all of the states, plus Europe and China. Our people can’t just be available from 8 to 5. Broadband is so common now that remote access just makes good business sense.”
 Using A VPN
Brandley says, “We use the Symantec products with a Citrix farm acting as our group balancing, Symantec’s client VPN to access resources and run programs at our data center, Symantec’s client security on our notebooks, and pcAnywhere to manage our servers at remote locations and to troubleshoot problem systems. So far, we’ve had no security problems.”
“I have a VPN connection to our office in Mobile, Ala.," says Bryan Wilson, director of software engineering at Targeted Technologies, “and I live in Houston. I use a laptop that’s configured to use domain credentials that are cached from when I logged in to the network the first time in Mobile. All of the tools we use for remote access are free (VPN, remote desktops, etc.), so I guess it’s just a matter of having an effective IT group. The ‘Remote Desktops’ tool is part of the Windows Server 2003 administration pack (it’s pretty much just like pcAnywhere except that it’s built into the OS).”
But security still remains the primary concern. Microsoft advertises that enhancing the security of corporate assets worldwide is its top priority. Citrix Systems in Fort Lauderdale, Fla., says it wants to make every business on the planet an “on-demand enterprise” with secure data that’s immediately and “easily accessible from anywhere, using any device.” Symantec’s promise is to protect your “most important asset—information,” at all costs. And yet telecommuters remain a small percentage of the workforce.
Access Without A VPN
“If a VPN solution is not available, which may be the case with smaller companies or those that need to connect to multiple external organizations themselves, a flexible remote access/remote control product may be just the answer,” says Mike Baldwin, product manager for pcAnywhere at Symantec. “Using IP-based networks or even direct-dial modem connections, a remote access program can provide a secure and reliable means of connecting to an employee’s office desktop, a shared central server, or even a customer’s workstation. Once basic connectivity is established, productivity can be further enhanced by using a remote access/remote control solution for collaboration. Those that offer true desktop sharing (where activity on one machine is exactly replicated and viewable on another) provide a direct window into what work one person is performing, while others can view, advise, or even directly assist.”
And for some smaller organizations, such as an independent publisher in Maine, using the Internet, an FTP server, and email is the best solution. “For security reasons, we don’t have a central network that outside contractors access,” says Angela Hoy, owner of Booklocker.com. “We exchange files with them via FTP uploads/downloads and, of course, email.”
Standardize Everything
Brandley says standardization is key: software, hardware, policies, security procedures, management practices, and even user access. Management, however, will always be an ongoing issue. “IT departments need to know and understand that whenever you add infrastructure outside the central office, twice the management is required to handle the load, but the benefits in productivity alone far outweigh the cost of the additional staff.”
Baldwin agrees. “The most important factor when considering best practices for providing telecommuters and mobile workers access to an enterprise network is ensuring that consistent standards are enforced across the board,” he says. “This means that the remote worker is held to the same security standards as the workers in the office, however rigid or flexible those standards may be. All too often we hear of situations where shortcuts are taken or certain security policies circumvented, due to some level of trouble establishing a connection ‘the right way.’ Reducing adherence to security standards, regardless of physical location, increases risk across the entire network.” 
by Julie Sartain
Benefits Of Telecommuting
• Telecommuting is a valuable recruitment and retention tool that helps companies compete successfully for particular skills and/or abilities
• Telecommuters actually show an increase in productivity because they are removed from the everyday office distractions
• Telecommuters spend less time and expense traveling, both to and from work and to and from meetings
• Companies have access to a much wider field of talent
• Overhead costs are significantly reduced because less office space, utilities, and onsite resources are required
• Companies can easier retain employees who develop special circumstances such as employees who have disabilities, young children, unique family situations, etc.
• Ancillary benefits include the option for employees to live farther away from the office
• Employees have more free time (because commute time is eliminated) to spend with their families, resulting in greater productivity, increased efficiency, improved employee morale and loyalty, and even lower rates of sick leave and absenteeism |
Implementing A Telecommuter Program
Security
• Your remote software should have integrity checking (features that identify changes that have occurred since the original installation)
• The software should generate alerts when it detects a number of unsuccessful attempts to connect to a host PC
• Software should generate audit logs of all remote transactions
• Authorization and access controls should be in place
• The program should have a feature that lets administrators limit access to computers within a specific subnet or to a specific TCP/IP address
• Software should support both symmetric and asymmetric encryption services (public key encryption) to prevent hackers from intercepting data during transmissions
Standardization
• Make certain that all equipment (hardware and software) is the same company-wide
• Even though some broadband companies want to provide you with their equipment, don’t use it. Use all of your own broadband equipment; keep it all compatible and standardized including the firewalls, VPN software, security software, and even the user logins
• Maintain constant visibility to all the computers in your network, both onsite and offsite
• Make sure all systems are handled properly and that each computer checks in regularly for problem issues
Management
• Be sure to clearly define management responsibilities
• Create, enforce, and maintain clear management policies
• Be aware that managing remote users takes twice as much staff and time as managing onsite users, but it’s often worth the effort |
Sponsored Links
Broadwing Communications Private IP Service
Provides truly converged data, voice, and media networking solutions for sophisticated enterprise and carrier customers
www.Processor.com/Broadwing
Check Point VPN-1 Power
The most intelligent, reliable security for stopping attacks
www.Processor.com/CheckPoint
Lockdown Networks Lockdown Auditor
The leader in next-generation, appliance-based security management for wired and wireless enterprise networks
www.Processor.com/LockdownNetworks
Symantec pcAnywhere
Connect to remote devices simply and securely
www.Processor.com/pcAny |
|
|
