The emergence of COVID-19 has prompted some extraordinary changes in many of our lives, not least of which are new directives to work from home. While the health and safety of the workforce is every organization’s chief concern, a close second must continue to be the security of its systems and information. Allowing employees to telecommute has never been easier, but business owners must ensure that this is not done in such a hurry that it exposes critical systems to bad actors.
A number of technologies can be used to facilitate remote work. Once of the oldest is the Remote Desktop Protocol, often referred to by its abbreviation, RDP. Remote desktop is a functionality built into the Windows operating system that allows a user to remotely connect to and control one workstation from another. Although the protocol itself is very safe and secure, a poor implementation of RDP can leave a network vulnerable to attack from the outside. In general, it is best to utilize RDP in concert with one or two other pieces of technology, a Remote Desktop Gateway (RDG) or a VPN tunnel.
A Remote Desktop Gateway functions as a ‘broker’ between client and host for an RDP session.
This means that only a section of the network that is effectively inside a DMZ (a special protected area of the network) is exposed to the internet. This is important because it adds a layer of protection onto Remote Desktop connections that would otherwise not exist. Without the RDG to function as a broker, directly remote connecting to a workstation inside of a business’ network could mean that portions of the network are directly exposed to the internet, presenting an extremely inviting target to bad actors seeking entry.
One major caveat to an RDG facilitated Remote Desktop setup is that it requires that a domain exist. If an organization is not currently configured to use Active Directory, another means to facilitate secure RDP access is a VPN. A VPN is a Virtual Private Network and is a means to allow a remote computer to function as if it were inside of a network. Traffic transmitted via a VPN tunnel is also encrypted, meaning that data that transits between the client and host computer has been secured against potential prying eyes. A VPN is generally dependent upon special software and an enterprise class router. If your organizations router is already configured to allow VPN traffic, this can be one of the quickest secure routes to allow employees to work from home. Remote Desktop via a Remote Desktop Gateway or a VPN can be deployed to your home computer and allow you to connect to your computer at the office,
The final means to allow employees to work from home is software facilitated remote control.
Services like LogMeIn, Join Me or TeamViewer can be quickly deployed to allow employees to work from home. So long as strong passwords are used to authenticate into any accounts used, and multi-factor authentication has been configured, applications like those listed above represent a secure work from home solution ‘in a box.’ This is because the end to end security of the application is handled by the manufacturer, lessening the burden on individual employers to confirm the security of their work-from-home setup.
Although COVID-19 has many people rightly concerned about their health and safety, business owners and IT professionals cannot lose sight of the need for security—bad actors will not hesitate to take advantage of the present situation, much to the detriment of the business community. If you have recently begun working from home, or allowed employees to do so, and have any concerns about the security of the setup, contact an IT professional as quickly as possible.
Mythos Technology is an IT consulting and management firm that provides Managed Technology Services including hosted cloud and compliance solutions. For more information, please visit www.mythostech.com or call (951) 813-2672.