Secure Access in an Insecure World
April 27, 2020
Top 5 questions to ask when you’re selecting a remote access solution for your business.
With the recent pandemic, many organizations have been forced to quickly move their operations from a traditional office setting, to a remote workforce with little to no planning.
Remote Access can increase productivity and reduce cost but also can inherently carry a danger of being insecure if not implemented properly. Understanding your workers and their individual needs can make this transition much easier and safer for the entire organization.
Before choosing a remote access solution, take the following items into consideration first:
- What device(s) will my users need access from, and are they corporate or personal?
- What applications and data will my users need to be able to access?
- What type of bandwidth is required for this different user group?
- What is my deployment strategy and what resources are required to succeed?
- Where are my resources located? On-Premise, Cloud Based, US Based, Ex-US?
These key questions will enable you to make an informed decision on how you should move forward in choosing an access method to your corporate network. Once you have identified what the requirements are, you can build a rough deployment plan and see what is needed to execute it properly. With that information in hand you can then look at different solutions and see what fits best into what your organization can execute successfully.
Some remote access types to be considered are:
Client based VPN from the device to the Corporate network via secure tunnel. An always-On VPN connection is preferred so that the endpoint is in constant communication with any internal monitoring and subjected to firewall or other enforcement rules as if the user was in the office.
Zero trust network access (ZTNA), also known as the software-defined perimeter (SDP), is a set of technologies that operates on an adaptive trust model, where trust is never implicit, and access is granted on a “need-to-know,” least-privileged basis defined by policies.
Cloud Access Security Broker (CASB)
A cloud access security broker (CASB) is a software tool or service that sits between an organization’s on-premises infrastructure and a cloud provider’s infrastructure. A CASB acts as a gatekeeper, allowing the organization to extend the reach of their security policies beyond their own infrastructure.
Remote VDI Workspace
A virtual workspace running either using an on-premise or cloud-based infrastructure that allows the end-user to access the corporate network via an installed client on their workstation, or home PC that provides a “window” into the network without connecting the two sites. In many cases, even the ability to copy and paste data is restricted between the client and VDI workspace.
Based on your plan, it’s important to understand each option and take into consideration how your users will access the network and on what devices. No matter what direction you decide, MFA (Multifactor Authentication) is key to making sure that the entry points to your network are as secure as possible. Remember it only takes one bad decision to bring the digital workplace to its knees.
CPP is uniquely outfitted to assist customers in their transition to a remote workforce. We have the staff and expertise to help make the correct choices on infrastructure needs based on individual requirements. CPP can help you design, implement, maintain, secure and grow your environment from beginning to end.