Now, however, governments are faced with figuring out how to ensure the full utilization of their workforce for an extended period of time, with most of those employees based outside of the office (many at home), in order to ensure the continuity of government operations. From an IT perspective, it helps to break this challenge down into its components:
- The first component to consider is ensuring the endpoint security of a remote worker’s computing environment. This can be a home network with vulnerable IoT devices such as baby cams and doorbells attached, and family members using applications and platforms such as social media and gaming consoles that potentially introduce threats into the network. This entire operating environment is outside of the organization’s control, and brings a new meaning to the term ‘insider risk’. The key question is, “how do you isolate the remote worker’s device, or at least, ensure the integrity of any government data and operations in use on that device?”
- A second element is transmission security – this involves ensuring that government data is encrypted when it moves across the internet.
- A third element is the headquarters or parent office. The networks of nearly all of these environments were designed with the expectation that employees would be working from inside the network perimeter. Does that network have the ability to absorb the number of connections expected from moving its workforce to a remote location? Can it handle those connections with acceptable latency, so that users don’t become frustrated by slow network performance? Can it ensure that these connections are secure and only available to authorized users?
Under these circumstances, cloud computing becomes an especially attractive option. For Federal users, TIC 3.0 permits direct connection to cloud-based resources – rather than having to route traffic back through the home agency – and it also allows the use of software as a service (SaaS) platforms.
With these considerations and options in mind, key elements of a solution for secure remote access by a government workforce should include:
- A Virtual Private Network (VPN) whose endpoints are the remote user’s device and the parent office (or cloud).
- Multifactor authentication to ensure that only the authorized remote employee is able to access the employer’s network or data.
- Employer-provided endpoint security to ensure secure computing and access to government data and networks, even when the employee is working from a home network that is vulnerable or compromised.
- Data Loss Prevention (DLP) that provides a safety net against the inadvertent exposure of sensitive data, even when employees are operating with potential distractions and under extraordinary stress factors.
- Device management control to accommodate organizations that want to permit – or may even require – BYOD operations by their employees.