Blog / Working From Home Best Practices Amid COVID-19 Outbreak – Make Sure You Follow Them!
With our nation in a state of emergency, many organizations are allowing their employees to work from home. But that doesn’t come without its challenges, and not every company is adequately prepared.
You can’t just flip a switch and say: “Okay, it’s fine to work from home”. It’s not that simple, even in the hi-tech world of computers. There are a bunch of things you need to make sure are set-up properly. If you don’t, then AT BEST, things won’t work; AT WORST, you open yourself up to the world.
Since a lot of outfits are scrambling to implement this set-up, TRINUS has tasked me with putting together a list of recommendations and things to watch out for, when doing this. Before we get into that list, here is my first proposal:
CALM DOWN AND BE PATIENT.
There’ll be unexpected difficulties and expenses. Accept that, take a deep breath, and move on. This is going to be true for everyone: from front-line staff to CEO’s, and everybody else.
1) Make sure that Remote Access is done through a VPN (Virtual Private Network.)
DO NOT HAVE RDP (Remote Desktop) OPEN TO THE INTERNET! It’s a simple mistake to make, as it’s easier to set-up, easier on the users (no software installation required; simple instructions) but DO NOT DO THIS. Remote Desktop is not a secure Communications Protocol, so having it open to the Internet is a massive liability. Make sure that users connect to a VPN or SSLVPN (an enhanced VPN), before hooking-up to internal resources. After connecting to a VPN, Remote Desktop is fine.
2) All outside access should require Two Factor Authentication.
The VPN login that people will use needs to be set-up with some form of Two Factor Authentication. Username and password aren’t enough to be considered good Security, when it comes to connecting to your internal resources from the outside. You may be in a rush, but that is no excuse to open yourself up to easy exploitation. Setting up Two Factor Authentication is not difficult, and only carries a small monthly cost. I cannot stress enough how much this will improve your Security.
3) Do proper Capacity Planning.
“Everyone works from home” is an easy thing to say. However, it’s not as simple as that. There are a lot of things that you need to look at that may not have been planned for or even thought of, due to the current situation. Here are some questions to ask, when it comes to your organization’s capacity:
a) Can your VPN device handle all of your employees connecting at the same time?
Some gadgets require licenses for VPN connections. Others do not; but will still have a maximum number that can be supported. You should take a good look at this and confirm that the number of people working from home is even possible with current equipment. If not, then fixing it will require some emergency purchasing.
b) Is your Internet connection fast enough?
Having a couple of people connect through a VPN is manageable with medium-speed Internet access. However, this won’t be only two persons… it’s going to take a lot of them! Your IT team needs to monitor traffic levels and how much bandwidth your connection is capable of, because this could be a huge increase. The existing services you have still need to function just as well with an increased load (Email, Websites, Etc.) It may be possible to fix this with some traffic-shaping but, depending on the numbers, it could also require some increased spending for more Internet bandwidth. The key is to get a synchronous connection; the same up-and-download speeds. If you have a choice, fiber is usually the best.
c) Is your equipment properly set-up for remote access?
Logging-in to a computer you’re in front of, is very different than logging-in remotely; both from a configuration perspective and a licensing one. Due to the number of people and jobs being handled remotely, it’s entirely possible that even if you possess any kind of remote access already, it may not be set-up in a way to allow each role to function properly.
d) Are you going to run out of IP addresses?
Network Administrators know that when a device connects through a VPN, it becomes a machine on your network, just like any other PC. When a device connects through a VPN, it becomes a machine on your network just like any other PC. There is a maximum number of IP addresses that your network can manage, and it depends on its configuration. If everyone is connected at the same time, you might run-out of IP addresses. This is an easy issue to check and correct, so it should be taken care of before it becomes a problem. As a side note, most of my friends work in the IT field and I have heard first hand accounts of outfits which, during the present COVID-19 circumstances, have regrettably failed to take some of these capacity-planning steps.
4) Don’t let your VPN users have too much access.
It’s tempting to simply set things up, so that users connecting to the VPN can go anywhere in your network. That certainly makes everyone’s life easier, but not safer. Don’t allow remote users any more access than the amount they would need to do their jobs. This means that they could most likely have less of an entry than what they would enjoy at the office; albeit sufficiently to perform their work. Likewise, the access to critical applications, such as financial and accounting software, should be restricted, or for that matter, any application that stores client information.
5) Make sure your licensing is in order.
Software licensing is very important. Some only care about the number of users; other software makes a very clear distinction between remote users and those sitting down in front of computers they are installed at. You need to make sure that your licensing is appropriate for the manner in which you are using the software. Even if it works without errors, you may be violating the user license, which could lead to a nasty surprise, once this pandemic has passed.
So, that’s it from a technical standpoint. There are some extra things you need to make sure are handled correctly, from a management and people perspective:
6) Everyone needs to know people’s contact numbers and emails.
Since they are not in the office, you don’t have the option to walk down the hall and knock on someone’s door. Also, if there’s a phone system in the office, people likely don’t have access to it from their homes. Make sure that accurate contact information is communicated to your staff, so that they can get in touch with people, when needed.
7) Have regular meetings.
It’s easy for people working remotely to feel disconnected from the organization. Keeping them linked-up with regular meetings that make good use of video conferencing, is a good idea. This is especially important at the beginning of the process, as people are adjusting to the setup and may be running into difficulties. Just be careful not to overdo it.
8) Don’t assume that your staff is keeping up with the news.
Encourage them to do this on their own, but don’t make any assumptions. As an organization, you should be monitoring the situation very closely, making decisions based on how it changes. Your staff should not be responsible for telling you what’s going on with the epidemic. Since you’re keeping tabs on what’s happening with COVID-19, you should be communicating changes and updates to your team, as well as looking for information impacting your establishment and useful to the personnel. Thus, please pass the information along.
If you have any questions about setting-up Remote Access, please reach out to your TRINUS Account Manager for some stress-free IT.
By Kind Courtesy of Your Friendly Neighbourhood Cyber-Man.