Categories
Leadership Security

Coronavirus / COVID-19 creates new remote workers

Originally published by me on 4-Mar-2020 on LinkedIn.

Panicking about COVID-19 is silly. But saying it’s all overblown and it’s nothing to worry about and “people-just-wash-your-hands” is silly, too. 

Preparing is wise. 

The latest estimate is that a vaccine could be available in “months.” And even if it’s not this coronavirus that causes the need, something could necessitate it. So it’s at least worth talking about.

IT & InfoSec Leaders: Are you equipped for what would happen if your staff suddenly becomes 100% remote? Obviously not every business could function with a purely remote workforce. There are roles in service, healthcare, manufacturing, construction, and myriad other industries that simply can’t be done from home. But many roles can survive with a much higher percentage of people working in their PJs. 

It seems inconceivable in our society that circumstances could necessitate mass quarantine, but that’s exactly what’s been happening in some parts of China. Thousands of information workers, stuck at home without the means to work – no laptops and no infrastructure to support a 100% remote workforce.

Can we learn from this before it’s too late? Several industry peers are discussing this, and I’m curious to hear what people in my network are doing to prepare. 

Virtual Private Networking for EVERYONE AND EVERYTHING

No alt text provided for this image

Are you prepared for when every endpoint in the galaxy wants to connect to your network via VPN so business can continue? 

  • What happens when Bob from Legal wants to install the VPN client on his Windows XP machine and wants to connect? 
  • Is your Data Classification or DLP program ready? 
  • Is your Network Access Control infrastructure ready? 
  • Does your MDM program scale when everyone needs email on their phone right now?
  • How can you ensure compliance with regulatory and legal standards? 
  • How do you ensure that any certifications (e.g. ISO 27001) are still valid when the landscape changes so drastically?

What about VDI?

A Virtual Desktop Infrastructure is surely preferable to trying to secure the Acer laptop Linda in accounting got for Christmas of 2003, right? 

  • Do you have a VDI solution in place? 
  • If it is in place, but only for a limited subset of users and use cases, is it prepared to scale for a massive increase in volume? 
  • Can your servers and licenses sustain that kind of increase? 
  • If you don’t yet have VDI in place, are you accelerating any future plans for VDI or remote workforce controls to accommodate for what could happen? 

Other Solutions?

Vendors like Zscaler offer solutions such as ZPA that promise to render the classic VPN solutions obsolete, defaulting to a zero-trust model. Are you exploring any solutions like this?

Really interested in hearing what, if any, considerations you’re making. 

#security #management #infosec #cybersecurity #accesscontrol #vdi #dataclassification#remoteworkforce #areyouprepared #coronavirus #covid19

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.