These are unprecedented and certainly very difficult times for people and businesses, but these are not completely uncharted times. Many businesses have already had a focus on their employees’ working agility and a long-term vision for collaboration and productivity in disaster scenarios, such as the current office closures faced by many.
When we think of Disaster Recovery (DR), or enacting Business Continuity Plans (BCP), we generally think of building fires, technical failures or electrical outages, but a pandemic shares many challenges with the more orthodox BCP scenarios and therefore many existing DR/BCP solutions fit well with recent events.
Right now, a quarter or more of the world’s population is under ‘lockdown’ and businesses that do not already have systems in place to enable effective/secure productivity and collaboration (either by Software-as-a-Service (SaaS) or remote access tools) are clamouring to stand-up services as best they can.
Microsoft Teams consumption has doubled from November 2019 to March 2020, in no small part due to the COVID-19. However, these products alone are only half the picture. Many people still need access to their desktop ‘fat’ clients and to corporate shares on localised storage using traditional Network Attached Storage (NAS). For some this is via virtual desktops and for others this is their laptop/desktop requiring remote access to internal resources – or even a mix of the two.
For ease, cost and speed, it’s clear that companies are often turning to free and/or consumer grade products for remote worker productivity, which may not meet basic security requirements - never mind compliance - such as GDPR. Businesses should be in no doubt that GDPR is as legally enforceable as it was before COVID-19, and yes, even after Brexit. Make sure the products you are using come from a vendor with a suitable pedigree and with a proven track record for security implementation and product development.
There are so many products and solutions that it’s not possible to discuss them in a single blog. I will focus in this instance on remote access Virtual Private Networks (VPN). Next time I will look at cloud-based collaboration. Some security best practice principles are understandably transferable between many remote and cloud tools – so apologies for ever sounding like a stuck record - ever.
Here are some tips, considerations and musts for meeting the security challenges of a remote access VPN solution:
Novosco, a CANCOM company, are a multi-vendor solution-focussed technology supplier. As mentioned, many vendors have spun up offerings to assist business in achieving secure remote access. Cisco are offering a suite of products with extended free trials, as well as allowing existing customers to flex their license counts to meet the dramatic rise in remote access requirements.
Further details from Cisco can be found here. As a Premier Cisco Partner, we are best placed to assist and advise on how to get functionality out of these offerings, as well as a secure deployment.
Novosco has a proven record of delivering remote access, virtual infrastructure, collaboration, continuity plans, disaster recovery and more. We have always ensured that the vital principles of security run through all our customer solutions. If you need assistance, then please reach out and we will be happy to offer help from our wealth of cross-vendor experience. Always consider that good security is a multi-tiered holistic approach. For example, email delivery is still one of the top attack vectors for cyber criminals. Businesses must consider all angles.
Finally, some essential reading on meeting these new challenges securely can be found from the National Cyber Security Centre (NCSC) here. Remember, these new remote working practices have inherent security blind spots. Opportunists will try and exploit fledgling remote working solutions that are not yet securely defined.
Please keep safe, keep happy and keep indoors (where possible of course). It could be a long summer.
- Written by Rick Hagan, Senior Technical Consultant at Novosco.