NetEffect's Founder and CEO, David Rounds joins Vegas Video Networks on a discussion about network security and what small business owners and executives should be thinking about during the time of COVID-19.
Many large businesses have systems that have been in place for some time to allow workers to work remotely. The ability to work remotely has grown exponentially with the proliferation of Hotsted/SaaS applications for most business industries. However, not all applications and files have been moved to Hosted/SaaS applications, and if you are a smaller business, your systems may not be ready to allow all of your workers from home in a secure way. It is important to make sure that your infrastructure is ready and can handle the load. It seems simple enough. However, many caveats could potentially put your business at risk at one of the most inconvenient times.
Why can’t I just use a free app?
There are few applications that allow a user to install some software on their desktop at work and then remotely access the desktop from home. These are great in concept but comes with some huge security risks. If the business IT department or Outsourced IT department does not have a way to manage and monitor the remote access software, then they could be opening the door to the internet for malicious actors to get access to the business network. If the choice is to use a remote access software, then do some research and make sure an IT Professional can centrally manage the application. This will ensure they can be on the lookout for any suspicious activity and enforce STRONG passwords.
Ok, so no free app, what options do I have?
The best option is to have a Microsoft Remote Desktop Server with a Remote Desktop Gateway. This option is one or more servers depending on the number of users configured to allow multiple users to access network resources remotely while having a very similar visual experience of a full desktop. Mostly, the users have the full speed access just like they were at the office, and they connect to their own virtual desktop experience on the server. Also, there is minimal internet bandwidth required on the business or user side. This is frankly one of the most secure solutions and the easiest to maintain once it has been initially set up. Many business use this today when they were working their offices because it allows for less day-today support of user desktop machines, and the desktop machines they need to connect can cost significantly less.
The downside of this solution is that an IT Professional must set it up and the initial costs. It could require additional hardware and will definitely require some licensing. To secure this properly, you should also use MFA/2FA for user authentication to the network.
I don’t have the capital for that, what options do I have?
The next best way may be allowing your users to “dial-in” using a VPN. This is a great solution if you have a business-grade firewall. The licensing, if needed, is not usually that expensive. However, this solution does have it’s own problems. The number one problem is security. Most businesses do not have enough laptops to give one to all of their staff. The seemingly simple solution is to let the users “dial-in” using their home PCs. This is where the problem gets worse. If you allow the users to use their home PCs, then any vulnerability, lack of patching, out-of-date virus software, or compromised machines can now infect your business network. You are virtually, allowing everybody to bring their home machine to work and plug into your network at the office. Security has now been thrown out the window! So if the decision is to use this solution, it is important to make sure that all of the user home machines have current Anti-Virus software, are patched, and running Windows 10 or above. If you cannot monitor and manage these things, then this is not the best solution, and you are putting your company at further risk. If you already have enough company-owned machines, then this will work just fine.
Another caveat about using a VPN for remote access is the amount of Internet bandwidth needed for both the business and the end-user. Depending on what the end-user is doing at home, the kids streaming videos or playing video games at home may be complaining, and they will be definitely slowing down the user at home from being productive. Whether this is significantly noticeable or not will depend on how much you pay for the internet at each business location and home location.
Summary:
Clearly, there are many ways more than discussed here to grant remote access to business employees. No solution is perfect, they will call come with some caveats and will need some research to find out what makes the most sense for security, productivity, and financially. Ask your IT Department or IT Provider if you are ready, or give us a call!
