“Swine Flu”, what a hot topic! The disease continues to progress and infects more and more people every day. Medical experts estimate an exponential number of new cases due to the summer period: We travel more across countries for holidays and meet more people, increasing the risk to catch the virus and bring it back at home.
The epidemic could have an adverse effect on your business: the management have to take into account the fact that a huge part of the team could be infected at the same time and affect normal day-to-day operations. The ISSA Belgian Chapter already talked about this topic during their last event.
To protect the company human resources, why not ask the team members to limit their travel and work from home? You, as a security or admin professional, could be asked to investigate as soon as possible how to propose an optimized remote access solution. Today’s users appreciate the possibility to work from home but not all users can benefit of it for multiple reasons.
If you plan to extend remote access to more people, take care of the following points:
- Split the teams between office and remote locations. Some applications cannot be easily accessed from the outside. For each teams, keep people on-site and keep the others at home for less critical jobs. If affected, you’ll have “backups”
- Maybe some extra hardware or software have to be deployed (tokens, installation of VPN clients or other agents?). This could take some time and increase the support workload (every user have to contact the IT support).
- Review access policies to grant the right access to the right people (no more, no less). Take time to review access by user profiles (tech, sales, admin, …)
- Review your remote access platforms: do you have enough licenses available? Do you have enough resources (for data encryption as network bandwidth) to handle the load generated by new remote users. Maybe you could rent temporary hardware or ask a demo license to your manufacturer during this critical period.
- The remote access platform will now become a business critical asset. Do you have a high-availability solution? Is proper monitoring already in place? A backup / restore procedure must be in place and tested.
- By allowing more users to work from remote location you extend the security perimeter. Risks are increased to have documents and data leaked.
- If you have enough laptops, try to force your users to connect using company laptop and not personal ones. Endpoint security products could increase the security by enforcing anti-virus presence or specific patch levels.
- Define clear communication channels and do not allow remote users to use untrusted applications or online services to exchange sensitive information (like Skype or Google Apps).
If you follow this bullet-points list, you should be able to face the Swine Flu epidemic on a pure network access point of view. Of course, it will not prevent you to follow basic hygiene rules to protect YOU! 😉