Lockdown and shelter-in-place orders associated with the COVID-19 pandemic have forced businesses of all sizes to confront companywide work-from-home mandates, causing massive increases in internet traffic coming through corporate firewalls to virtual private networks (VPNs). Today’s corporate VPNs were designed for a low percentage of remote workers who may be traveling on business or logging in from home after hours. They were certainly not architected to handle a large majority of a company’s employees, in some cases 100%, accessing VPNs remotely. Fortunately, many security devices, such as virtual firewalls, can act as virtual private network (VPN) aggregators to increase VPN capacity for remote workers accessing on-premises and cloud-based IT applications.
As organizations attempt to scale firewalls to act in this manner, they must consider how to protect their company’s digital assets and enforce corporate policies (due to the increase in attack surface) in order to securely access cloud-based services, such as shared data, applications and collaboration tools. They must also consider how to scale up these new VPN resources to prevent congestion and bottlenecks as a result of the significantly increased usage.
To empower at-home employees to work productively and safely, as well as to prepare the organization for future challenges, businesses must understand how to ensure remote access performance and security at enterprise scale. Here are four best practices for ensuring your company gets remote access right.
Scaling Remote Workforce & Online Collaboration
Privately and securely connect to Zoom, WebEx, DropBox and hundreds of application, cloud service, network and other providers. Quickly and easily interconnect workers, customers and critical cloud services to meet fast-changing business demands.Read More
Today’s corporate VPNs were designed for a low percentage of remote workers who may be traveling on business or logging in from home after hours.
1. If you don’t have a business continuity plan, create one. If you have one, make sure it reflects today’s reality
Organizations have always faced several potential emergency situations: floods, hurricanes, earthquakes, power outages and more. The current pandemic has brought home just how critical it is to have a plan in place to deal with such emergencies on an unprecedented scale. A business continuity plan (BCP) ensures an organization has thought through the widest variety of possible scenarios and has processes and procedures in place to maintain operations should the worst occur. One important lesson from the pandemic is that the business must be agile enough to quickly scale remote access in a secure manner. A BCP would detail how this is to be done: who owns the decision making, which tools and vendors to use, how to scale for different use cases, etc.
2. As part of the BCP, completely rethink remote access
Upon completion of implementing fundamental emergency measures (such as WHO recommendations, employee travel bans, etc.), a well thought through BCP should consider infrastructure risks by ensuring corporate systems can be managed remotely without the physical presence of employees, mapping single points of failure in the case of remote operations and designing appropriate countermeasures, analyzing key roles that require on-site access, and much more.
One of the largest and most important items to consider after the initial emergency measures is employee remote access. Employees working remotely will create stress on multiple systems. The IT organization should, at a minimum, follow these guidelines as part of the BCP:
- Check security and monitoring of applications for remote access.
- Test applications for remote access (i.e., VPN connectivity) with patches and hardening.
- Perform an awareness campaign for specific cases of social engineering attacks in communications related to the crisis.
- Set up sufficient IT support for remotely working employees.
- Make it a top management goal to prioritize access to corporate systems
- Review the number of application licenses that deliver remote access.
Beyond these initial steps, the IT organization should ensure that their remote workers immediately have access to the corporate tools they need to perform their role. To accomplish this, they need to:
- Quickly establish secure internet connectivity close to where their remote workers are, given they have not done so already.
- Enable remote workforce productivity tools.
- Instantly scale VPN capacity to handle surging demand.
Let’s take a look at the latter two steps in more depth.
3. Tools for remote teams to stay productive and connected
To ensure that remote employees stay productive and handle their job responsibilities well, they must be enabled with the proper tooling. This includes instant messaging to stay in touch with each other, audio/video conferencing to share screens, project management software, time tracking, file sharing, and more using tools such as Microsoft Teams, Cisco Webex and Zoom.
When implementing these tools, Equinix recommends directly and securely interconnecting to them when high performance and low latency are primary considerations. Businesses can quickly and easily establish data center-to-data center network connections on demand between multiple locations to provide optimal performance between remote workers and these productivity tools and between remote workers and corporate offices. Equinix Fabric™ dynamically connects distributed infrastructure and digital ecosystems globally on Platform Equinix® via high-speed, low-latency private software-defined interconnection.
4. Increase VPN capacity and scalability by leveraging Equinix Network Edge
As mentioned previously, the BCP should also account for a higher load of employees working remotely, as most corporate VPNs today were never architected to handle most or all employees accessing VPNs remotely. As a result, organizations need to scale up their VPN capabilities quickly. A new network strategy based on virtual security devices enables companies to scale immediately by spinning up additional secure remote access capabilities in minutes, not hours or days, while providing remote workers with closer access to network and cloud services to maintain optimal performance.
Equinix works with partners, including Cisco, Fortinet, Juniper, Palo Alto/CloudGenix, Versa and VMware/Velocloud, to provide private access to virtual network security capabilities using Network Edge services from Equinix. Network Edge, a virtual network service platform, enables businesses to deploy, scale and centrally manage VPN and firewall connectivity, and other network functions virtualization (NFV) services wherever they are required on-demand. Network Edge is offered as a service and can be cost-effectively scaled with no CAPEX or additional physical hardware. Network Edge services also enable fast and safe access to clouds on Platform Equinix, regardless of their location.
The COVID-19 pandemic has taught us that businesses must be prepared for anything, including wholesale disruption of where employees need to work from – across the entire enterprise, all at the same time. However, by following remote access best practices, companies can meet the performance and security challenges of the current work-from-home environment and prepare the organization for growth in a rapidly changing world.
For more information on how to do remote access right, visit Scaling Remote Workforce & Online Collaboration.
You also may want to read: