Five Key Considerations for Work from Home Hardware
During the height of the COVID-19 pandemic, virtually every worker in America was forced to work from home. In the mad scramble to keep people productive, providing secure remote access from personal devices was a fast solution. However, this was mostly a quick band-aid and largely unsustainable for the long haul. While remote access from personal devices is possible as a short term measure, it can introduce a host of security, control, and data privacy risks.
For these reasons, Protek recommends that organizations standardize on corporate issued laptops and desktops for employees who work from home permanently or even occasionally. Here are five key considerations for organizations looking to deploy the right hardware to their remote workforce.
1. Personal devices are a security risk
While it is technically possible to provide corporate remote access from personal devices, it is not recommended. There are too many variables that are outside of a company’s control. With personal devices, it is difficult to control who is accessing the computer at any given time. Children or spouses can inadvertently access sensitive corporate information or personally identifiable information (PII) that is protected by special compliance requirements. With a variety of users on a machine, the likelihood of spyware or malware infections increases, and with it, the risks from key loggers and other forms of snooping software. Lastly, a personal device poses elevated risks from data sprawl, corporate data theft, or data loss.
2. Standardized security and remote management tools
By contrast, with a corporate issued laptop or desktop, all the necessary security and remote monitoring and management tools can be properly installed. At Protek, we install and manage a host of advanced security and endpoint management tools which enable us to protect, defend, and serve our clients. We install next-gen AV [link] and content filtering tools to defend against viruses, malware, ransomware, spyware, and access to inappropriate or dangerous websites. Our endpoint management tools enable us to remotely monitor, patch, and manage all corporate owned machines. With robust management tools, we can proactively maintain the fleet of company machines, quickly fix problems, and provide world-class help desk support to our clients.
3. Security standards for authentication, screen lock, and disk encryption
With corporate owned machines, it is vastly easier to implement robust authentication mechanisms for each user. For instance, we recommend Azure Active Directory along with multi-factor authentication to defend against password compromises. In addition, we are able to implement various standard security procedures such as device timeouts and screen lock procedures, all of which support good security practices for employees working from corporate machines. Finally, with corporate owned machines, we can implement full disk encryption, safeguarding the privacy of sensitive corporate and customer information in the event a computer is lost or stolen.
4. Acceptable use policies
When an employee works from a corporate issued machine full time, it is much easier to communicate and enforce acceptable use policies on the machine. There is no grey area. A work machine should be used for work purposes only and it is therefore much easier to explain corporate prohibitions against accessing inappropriate content, social media sites, and/or personal use of the computer. Moreover, in virtually every jurisdiction, employees have zero expectations to privacy when working from a corporate machine. Again, this reality and it’s implications are much easier to comprehend when a company standardizes on corporate issued hardware.
5. File collaboration and data protection
Lastly, it is much easier to control company data when everyone is working from corporate issued machines. Protek recommends clients standardize on the Microsoft suite of collaboration tools, such as Onedrive, SharePoint and Teams, which can be properly deployed and configured on corporate machines. When doing so, you end up with well organized and controlled data repositories, instead of data sprawl. And when corporate data lives in the right places and is worked on with a standard set of software tools, it is also much easier to backup and protect that data, whether the risk is data loss, theft, or large scale data exfiltration.
For organizations looking to ensure productivity and security for their remote workforce, we encourage you to meet with Michelle Lawson for a consultation on how Protek can help with your work from home strategy.
Eric is the owner and CEO of Protek Support and is a CISSP (Certified Information Systems Security Professional). He graduated from Utah State University with a Bachelors of Science degree in Business with an emphasis in Information Technology (IT). He is an IT Services expert in a variety of technology related fields. Some of these fields include document management software/hardware, enterprise level networking and VoIP phone systems, as well as large scale software implementation projects and the setup of small business networks.