Working from home goes viral in the age of coronavirus
This is a guest post by Corey Williams, Vice President of Strategy for Idaptive.
This has happened fast. Just a short time after the SARS-CoV-2 coronavirus that causes the COVID-19 disease emerged, the spread of the pathogen has reached a pandemic according to the World Health Organization.
To limit more infections and the impact of the virus, the entire world is now rapidly changing their work and social interactions in new and unprecedented ways. Cities have been ordered to now “stay at home” and can only venture out for essentials (and must keep six-feet away from others when they do). Marquee sporting events, including the Tokyo Olympics, have been postponed or canceled, as the world extends travel bans and weighs more stringent measures to contain the outbreak. The consensus is that the worst may still be yet to come.
As a direct result of this unprecedented situation, we are also witnessing the largest shift in work culture in our lifetimes. Most companies have asked some or all employees to work from home for at least the next few weeks. This great migration is putting to test everything we know about remote work and collaboration tools. Are businesses capable of supporting the largest increase of remote and mobile workers the world has ever seen?
We’re going to find out in real-time, and once the crisis subsides, whether or not the residual effect of this experiment will be a permanent increase in the number and type of remote workers. For now, here are a few considerations that can help businesses rapidly scale support for work-from-home employees in the time of coronavirus.
No one has a playbook for this
The ugly truth is that most companies are either unprepared — or at the least, underprepared — to support an all-at-once influx of remote workers. From simple things like getting employees to bring work laptops home (don’t forget power chargers!) to making sure they can access critical work apps securely — there’s a lot for businesses and their IT teams to do, and not much time to do it.
Loads of companies are up and running with productivity tools such as Slack or Microsoft teams, Zoom web conferencing and file-sharing “boxes” like Dropbox. Coronavirus-spurred work from home will put those collaboration platforms to the test, and companies will learn a lot about how well they function when they’re not all together (for better or worse).
But how employees stay connected and work together is just one piece of the puzzle. There’s also the immense technical challenge for IT to make sure workers have access to the apps, services, networks and systems they need to perform their jobs — and to do so in a way that doesn’t compromise security.
Those companies who are already completely cloud-based may be in a better position to support remote workers, but what about the rest of the businesses out there? Most are hybrid, supporting both on-premise and cloud apps. What options do they have?
Provide easy access to on-premise apps and resources
The good news is that 100% remote work is possible, even for companies that are not cloud-native. One option is to provide a virtual private network (VPN) connection. While this can be a quick solution, the fact remains that most companies probably didn’t plan for their VPN infrastructure to scale to this number of employees working all at once. Keep in mind — VPN connections are a blunt instrument, exposing large swaths of the corporate network when only limited access to certain critical applications is needed. So if widespread use of VPN is the short term-plan, consider protecting all VPN connections with multi-factor authentication rather than just passwords alone.
A better solution is to consider using a remote access gateway that only exposes specific internal applications to only the workers that need access, and without exposing the entire corporate network over a VPN connection. This approach can eliminate the risk inherent in VPN solutions with secure, behind-the-firewall access to on-premises applications.
Adopt Single Sign-on to avoid lockouts
Don’t forget that this enormous shift to remote work will be new for many workers. While adopting cloud apps makes working from home or remotely easier than ever before, the growth in the number of associated accounts created many headaches for users who frequently forget their passwords or lock their accounts. IT is burdened not only by correcting these mistakes but also with provisioning and de-provisioning the accounts manually across all of these apps.
Using Single Sign-on (SSO), access to applications is simplified as users log in once to a web portal to request access to all the resources and assigned applications needed to do their jobs. Cloud-based password reset and account unlock give users self-service options to reset passwords or unlock accounts. This reduces the burden on IT departments, as the volume of password-related help desk calls and tickets decreases.
Ensure secure access with adaptive multi-factor authentication and machine learning
With so many employees working from home, businesses no longer have the control and context of the corporate network. To prevent identity-related breaches, companies need additional security controls such as Multi-factor Authentication (MFA), and the stronger security controls are, the more steps users need to take to gain access to the resources they need. This can ultimately impact user productivity.
One solution that provides both security and great user experience is adaptive MFA. Unlike traditional MFA, adaptive MFA leverages device, network, location, and other contexts to assign risk to each access event and allow the creation of access policies that are only triggered when risk is deemed high. When used together, SSO and adaptive MFA enable companies to realize the advantages of SSO while still minimizing the risk.
In addition, user behavior analytics can cover the biggest issue with most MFA solutions: that they allow users to skip extra authentication prompts when certain conditions are true, such as working from the corporate network. A risk-based machine learning system can observe and determine the “normal” behavior of a worker, like working from a home location during normal hours, and deem that a lower risk that requires far less friction than a brand new location during the middle of the night, which should prompt for more factors of authentication.
While COVID-19 might be the unfortunate trigger of an emergency response plan designed to support a temporarily remote workforce, this rapid migration away from the office will most likely produce permanent, long-term changes in both productivity and security — especially if the new remote work culture becomes the norm.
As the government and healthcare experts work to “flatten the curve” and delay the spread of this disease, the long-term effects of coronavirus could drag on for months, quarters or even become a new seasonal reality for workers across the globe. As time passes, malicious actors hoping to gain access to business services and networks will look to capitalize on the new vulnerabilities of mass remote work. For any remote access solution, identity and access management are paramount. Not only to enable remote work at scale, but also to safeguard the business from a new vector of attack.
About the author
Corey Williams is Vice President of Strategy and lead evangelist for Idaptive . He served as the Senior Director of Products and Marketing for more than a decade at Centrify where he was the visionary behind, and the first product manager of, the set of products that were ultimately spun out of Centrify to become Idaptive.
DISCLAIMER: BiometricUpdate.com blogs are submitted content. The views expressed in this blog are that of the author, and don’t necessarily reflect the views of Biometric Update.