An increasing number of organizations are supporting distributed, remote teams. While these remote-work policies allow for increased flexibility, there are unique access and security considerations that are inherent to mobile work.
Working from home has gone quickly from luxury to necessity. Time to arm your teams for safe, secure, remote collaboration.
Here are answers to some common questions about remote work, and a few best practices to enable your employees outside of office walls:
What collaboration tools should I use?
One of the biggest challenges of a decentralized workforce is ensuring that employees are empowered with the right tools. Over the past few years, we’ve seen many organizations adopting digital productivity applications such as Zoom, Slack and Box to enable their workforce to collaborate remotely.
How can I quickly provide access to cloud and on-prem services?
Getting these new apps in the hands of your users can be done quickly and efficiently if rolled out through a single sign-on (SSO) solution.
While SSO is often associated with providing access to cloud apps, that is not its only use case. For employees that need to access cloud-hosted infrastructure, you can integrate your IaaS platforms with your SSO solution to ensure that the same set of credentials are being used when accessing servers.
Many organizations also struggle with providing employees with secure access to the on-premises applications, like Oracle eBusiness Suite, Peoplesoft, JD Edwards, SharePoint, and Qlik.
How do I deploy effective multi-factor authentication (MFA)?
Many organizations take significant steps to secure their internal networks, but those security controls do not necessarily extend outside the office. Employees may inadvertently bypass these security controls as they access corporate resources from new devices and new networks.
In addition, consider that your employees may not only be working from their home, but from a cafe, airport, or any other location. This increases the chances of an employee’s device being lost or stolen, potentially allowing a bad actor to access sensitive corporate data.
What access policies should I set for remote workers?
Once you have deployed SSO and MFA to all your employees, consider creating more granular access policies based on user, device, network and location context. Ideally, you can create granular access policies that align the strength of the policy to the potential risk associated with the login. Examples of these policies include:
Disallowing POP/IMAP based authentication to Office 365
POP/IMAP protocols bypass multi-factor authentication requirements. Because of this, it’s best to block access to Office 365 from these protocols altogether.
Creating network blocklists
If your organization needs to block access from known bad networks, tor browsers, or risk geolocations, create policies that either deny access or prompt for MFA when a user accesses their apps from these types of networks.
Email notifications for end users
End user visibility is important. As remote employees may need to access corporate resources across different device types, it’s helpful to have notifications sent to users when suspicious or infrequent activity like new device logins, mfa enrollment, or MFA reset is detected on their account.
Enable managed device checks for mobile and desktop devices
A remote workforce means you’ll likely need to allow Bring Your Own Device (BYOD) to eliminate any sort of end user friction when accessing apps. To ensure that only known, managed devices are accessing corporate resources, integrate your SSO solution with an endpoint management vendor to deny access or prompt end users for enrollment on unmanaged devices.
Download Whitepaper to Learn More about:
- Remote Workforce for Success
- and Security