In the early days of Shelter-in-Place, Hybridge’s focus was entirely on helping our clients stay in business, which meant setting up their employees to work from home. We deployed a variety of solutions to achieve this including of course lots of Cloud-native apps that don’t require a remote office connection, and for those who still have some legacy on-site resources Microsoft Remote Desktop, Meraki VPN, Chrome Remote Desktop, Splashtop, and redeploying older computers for home use.
Now it is clear that we are in a new normal of work from anywhere, and particularly work from home, we have been helping our clients tighten up security in the various work-from-home scenarios.
Home computers usually are not equipped with the same endpoint security and monitoring software that enterprise computers have as a standard. Also, they are often used by people inexperienced in defending against the threats of the Internet, of those who don’t fully appreciate the implications of a breach. It only takes one click or download to compromise a computer. This exposes home computers, and any networks and applications they connect to, to outside threats.
A VPN connection is an unlimited connection from a network or computer to an office network. It gives unfettered access for any application, including any malicious applications, to the office network and all the computers and servers on it. This is why VPNs should only be used to connect Firm-owned and managed computers, and only when assets in an office or accessible via an office connection, have to be accessed by that specific user. As a general connectivity solution VPNs weaken your security posture and make it harder to see when a device is compromised.
In executing for the new normal, Hybridge’s recommended priorities are:
- Migrate any remaining on-premise applications to Cloud-native equivalents. This includes phone systems, server shared drives, even QuickBooks
- No home computer use for Firm business, instead use work laptops, Chromebooks, or iPads
- Replace any dusted-off Windows 7 computers redeployed for home use with new Windows 10, MacOS, or Chromebook computers
- Never use a site-to-site VPN to connect home networks to Firm networks, and if you use client VPN ensure it is full tunnel to prevent leakage from home networks to Firm networks
This new “work from anywhere” normal magnifies the benefits of a fully cloud-native platform, and also magnifies the risks of a legacy on-premise environment, especially when you have employees connecting in from insecure home networks. If you are not already a Hybridge client, please contact us and we’ll be glad to enable your team to work securely and effectively from anywhere.