April 06, 2020
April 06, 2020
Contributor: Katie Costello
COVID-19 is changing the way employees work and allowing remote access to make a comeback for security and risk management leaders.
Over the past two decades, remote access became a stable, but often neglected, technology. Now, coronavirus (COVID-19) changed the way employees need to work. Organizations now have old virtual private network (VPN) technologies lacking the required licenses, updated features and adequate bandwidth to support all users working remotely and simultaneously.
“Corporate VPN is an aging technology as organizations shift to more cloud-based services,” says Rob Smith, Senior Director Analyst, Gartner. “However, in the wake of the global coronavirus pandemic, companies are realizing they have to fundamentally change the way they work. For security and risk management leaders, this means grappling with the best course of action to solve the challenges of large-scale modern remote access.”
Read more: With Coronavirus In Mind, Is Your Organization Ready for Remote Work?
As companies support more work-from-home employees, they must have the right technology in place to ensure avoid poor performance and ensure secure access. Ask these four questions before deploying modern high-volume remote access products.
All users are not equal. Some require more bandwidth than others, like executives or mission-critical employees with above-average data analysis needs. A user’s job function needs to be considered when defining any remote use case.
“Employees who simply check email will have different demands from those downloading and analyzing large sets of sensitive data,” says Smith. “Even if there is an existing, workable product in place today, it still may not be optimal for providing the best experience for all users.”
Usability and security vary widely across the spectrum of available remote devices, like laptops and mobile devices. A corporate-owned PC is much easier to secure than a personally owned smartphone on which users are conducting concurrent activities and accessing websites that are potentially out of policy.
“Remote workers must ensure the same, if not a greater, level of security for all company networks and data access, documents or otherwise confidential information that might be displayed on a home office computer screen,” says Smith. “If security requirements prohibit storing data on individual personal devices, virtualization is an ideal option.”
From a performance perspective, employees using dedicated cloud applications and having an always-on VPN to the corporate network would not make as much sense as using a cloud access security broker (CASB). The way in which users access applications and data — either through on-premises or via the cloud — makes a difference when choosing remote access services.
Data security, labor and privacy laws differ across countries and state/local jurisdictions, which creates an added layer of complexity when choosing offline data storage choices, and thus the remote access solution.
Read more: Coronavirus: CIO Areas of Focus During the COVID-19 Outbreak
After determining use cases and technology, build an end-user remote access policy with buy-in from all business units. If this is an urgent issue, like COVID-19, the policy must be escalated to legal counsel. Ensure that simple and local language is used, and stress the importance of employees physically signing the policy document as soon as possible.
Join your peers for the unveiling of the latest insights at Gartner conferences.
Recommended resources for Gartner clients*:
Solving the Challenges of Modern Remote Access
*Note that some documents may not be available to all Gartner clients.