SmartAdvice: Telecommuting A Boon With Proper Safeguards And Training - InformationWeek
IoT
IoT
Infrastructure
Commentary
2/25/2005
06:50 PM
Commentary
Commentary
Commentary
50%
50%

SmartAdvice: Telecommuting A Boon With Proper Safeguards And Training

Make telecommuting a privilege and focus on training and security for a successful experience, The Advisory Council says. Also, look for range of services and experience from a data-center-relocation services provider.

Editor's Note: Welcome to SmartAdvice, a weekly column by The Advisory Council (TAC), an advisory service firm. The feature answers two questions of core interest to you, ranging from leadership advice to enterprise strategies to how to deal with vendors. Submit questions directly to smartadvice@tacadvisory.com


Question A: What technical and security issues should we consider when setting up a telecommuting program?

Our advice: With the increasingly global economy, businesses are dependent on their staff and customers being able to access potentially sensitive business data from anywhere in the world. As a corollary, once they've enabled remote access, many companies have found that telecommuting can improve staff productivity and response time, while reducing fixed costs in office space requirements. Implementing a viable and secure remote-access policy requires the use of appropriate security systems and tools, proper levels of IT support, plus a knowledgeable workforce, or your company could be vulnerable to serious security problems. Fortunately, with careful planning, businesses can implement a secure remote-access policy successfully.

The foremost technical challenge in implementing a remote-access and telecommuting policy is securing access to sensitive company data. Until recently, the most common solution was an IPsec (Internet Protocol Security) or Point-to-Point Tunneling Protocol VPN, where the remote computer becomes a virtual node on the internal network. Although great in theory, in reality the technology requires often clumsy client software loaded on potentially improperly secured computers. In addition, because an IPsec VPN encrypts every network packet, it often degrades network performance on lower-speed home or remote Internet connections. If a large percentage of your workforce already has company-owned laptops, and proper training in basic computer security, this technology can be successfully implemented.

Related Links

Best Practices For Supporting Home Users

Telecommuting: Keeping Data Safe and Secure

SSL VPNs: No Compromise?



However, if you're planning to allow staff access to internal data from public kiosks or home equipment, you should consider deploying a Secure Sockets Layer VPN. SSL VPN, which is based on the widely used Web security technology SSL, offers the advantage that it's designed to deliver secure access to your internal systems at the individual user and application level without requiring special client software. This gives you the granularity to develop access policies based on individual roles and responsibilities. Some of the newer systems offer client-aware software that checks if the connecting computer has the proper security systems or applications installed. If the system fails to detect antivirus or other protection, it can deny or limit access. The tradeoff is higher IT administrative overhead to manage often complex security and access policies. Since SSL VPN is relatively new, many of the systems are still proprietary, and integration with applications is hit-or-miss. For companies that have fairly simple access requirements and the right mix of applications, SSL VPN can offer powerful and highly granular access security at a reasonable cost.

No matter how advanced the technology, remote-access policies are dependent on proper staff training and expectations. Remote users require more IT support because they're away from the informal coworker support network. This can be mitigated by better application training and certification; however, treat remote access as a privilege, not a requirement, and you'll achieve higher levels of productivity and a more-satisfied workforce. If employees understand that maintaining current antivirus software and secure firewall settings is in everybody's best interest, then administrative overhead can be minimized.

Telecommuting and remote access can be a viable option for your business, if you're careful to implement a proper staff-training program, have a solid understanding of staff access by application and user type, and are willing to devote the resources required to maintain proper security policies.

-- Beth Cohen

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll