Alain Penel, Regional VP, Fortinet, explains how organisations can do their part to ensure Business Continuity during the COVID-19 pandemic.
As organisations suddenly find themselves responding to a massive increase in remote workers, immediate attention has necessarily been focused on maintaining and enhancing VPN infrastructure. But transitioning administrative staff, technical support teams, HR, marketing departments and other employees, who traditionally work from a physical office to alternate work sites creates a significant security challenge for organisations. To address this concern, organisations must deploy a Business Continuity strategy that can support a remote workforce with little or no notice, without compromising network security. Business Continuity also means that organisations should be capable of maintaining normal levels of productivity, relying on solutions easily deployable and configurable, ideally with zero touch provisioning, to enable a quick transition to a remote workforce while maintaining full security visibility and control regardless of their deployment environment.
The first step is to ensure that remote workers have the ability to connect securely to the enterprise network, accessing emails, Internet, teleconferencing, limited file sharing, but traffic between the teleworker and the enterprise network could be intercepted and potentially modified by an eavesdropper. As a result, organisations must make sure teleworkers can connect to their organisations remotely with virtual private network (VPN) software. This software, which is likely already included on the employee’s endpoint computer, will enable snoop-resistant connectivity to remote company applications and data, ensuring maximum protection of assets. Another major requirement is employing multi-factor authentication (MFA) which is critical to protecting data. MFA could come in the form of combining something the remote user possesses – like a ‘token’ on a cell phone – with something this person knows – like a password. This strategy will provide an extra level of security that ensures the user is the authorised employee he or she claims to be.
When employees are working on-site, securing their connections to cloud-based resources using on-site security appliances is logical since traffic already passes through the network perimeter. However, remote workers are connecting from outside the network with traffic bound for the cloud. The addition of cybersecurity solutions, such as the ability to support secure SSL connections from any browser to the cloud, enable users to securely access these applications and related data stored in the cloud without increasing complexity for the users or the security operations team. Leveraging tunneling capabilities available in SSL VPN can help organisations seamlessly extend security out to a large remote workforce connectivity solution while also using common network security practices that are likely in place in organisations with large user offices.
As we navigate through largely uncharted waters during these unprecedented times, it is critical that organisations do their part in securing customer data, employee operations and Business Continuity as best as possible. By leveraging security tools and resources, such as those offered through Fortinet, business leaders can establish best practices and get the support they need to protect their organisations during these times of rapidly evolving workplace operations.