Keeping your remote workers secure off site

Derek Schauland

Security is extremely important in any organization, and employees in all areas are reminded about it everywhere they turn: setting strong passwords, frequently changing them, using smart cards, etc. However, much of this security is focused on those who work in the office, leaving remote workers out in the cold.

With an increasing number of organizations looking to improve the user experience for employees who choose not to be entirely based in the office, how do you do that while ensuring the security of your systems?

This blog highlights some of the technologies available to help systems administrators provide a secure, “office-like” experience for remote employees.

Virtual Private Networking (VPNs)
VPNs allow employees to connect – generally using a login or smart card – to the corporate network from anywhere with an Internet connection. Many major networking vendors have this built into their hardware, and the client components can be downloaded and configured (or are included). Some of this hardware takes considerable knowledge to configure, which can impede implementation. However, there are other solutions that are sold as physical or virtual appliances with the sole function of providing VPN services. These appliances do quite a good job of simplifying VPN technologies and providing a starting point for larger VPN implementations or other solutions.

Cloud Synchronized Services/Infrastructure
Cloud services provide many solutions as subscription-based access rather than requiring an organization to purchase, develop, or manage an in-house solution to provide better remote access for all employees. Using a cloud-based infrastructure, connections to the organization can be configured to allow remote users to authenticate against the cloud infrastructure. This way, logins can be processed for employees who are outside of the organization as well.

Using synchronization technologies, Active Directory information and file shares can be pushed up to the cloud to improve availability and bandwidth use for access to these resources, in addition to allowing remote users to access them.

Microsoft Direct Access
Direct Access is a new technology that debuted in Windows Server 2008 to provide organizations with a way to allow employees’ laptops to connect to the home office whenever the system connects to the Internet. In the 2008 version of Direct Access, many additional requirements, including public IPv6 addressing, had to be met to make the technology work. In Windows Server 2012 and later, the requirements have been changed to make configuration easier. In addition to allowing employees to connect, Direct Access also allows administrators to manage these systems while they are in the field.

Although technologies like VPN have been around for several years, the other methods are coming on strong. They require less configuration on the user side, making them appealing for ease of client use and interaction. There will still be some work required on the admin side, as well as some possible cost to implement, but raising the overall experience for all of the users within an organization improves the work environment for remote workers. They will feel less like second-class citizens and might even begin to see IT as a solid and helpful set of resources that makes their work experience better.