At the end of the day, a company's security is really only as strong as its weakest link.
What is your company’s most valuable asset? Surely, your employees rank highly, and perhaps other things come to mind as well. But how about data? It may not be flashy and managing it may not feel like much of a concern, but it should be.
Protecting data via IT security measures is commonplace for most businesses that transmit information using IP networks. Systems are strategically put in place to ensure data remains secure. However, these endeavors are often focused at the corporate or head office level. For employees that are located outside the central office, residing in a branch environment or working remotely, the security component is more complex.
The number of companies employing remote workers or opening branch offices is growing exponentially. The increase is due to widening the use of the internet for communication and collaboration across all industries. IT security for remote offices or branch offices (ROBO) need be handled differently and can be significantly challenging if not approached correctly. Here we examine common challenges and solutions for effectively managing and protecting data in ROBO environments.
Managing branch networks
With the size of each branch office typically being rather small, they don’t usually have on-site IT staff available to offer user support when things go awry. Therefore, the central IT department must provide support and security while also being mindful of the demands placed on time spent devoted to the various branches. Businesses with multiple remote workers and locations will need to ensure their IT division works efficiently, with productivity and costs planned out precisely.
Most office environments need the same functionality as the corporate office, in terms of security. These may include firewall, VPN, IPS, web and email protection. IT management, implementation or upgrade can be costly when dealing with multiple offices, yet safety for data housed remotely is just as important as that of information residing at headquarters.
When a new branch office opens, the goal is to have the ability to control and manage security system updates centrally. The alternative is to send an IT engineer on the road for several days visiting each new branch, which is obviously not an ideal scenario. Preconfigured systems deliver a better return on investment and lower costs. Managing pre-set system procedures at the head office is one approach, yet in some cases, adjustments will still need to be made on-site.
Thin client security
In lieu of firewall, VPN, IPS, web and email security running together on a costly branch office device, all functions can be routed via a command center. This hub is able to reside in the corporate office or in the cloud. The “thin client" approach to security allows for a remote device to be placed within the branch office. Traffic is directed to the central device where it’s scanned, filtered and then released to the internet. If the organization determines cloud storage to be their preferred method, be aware that data breaches are not only possible, they’re often more expensive than alternative approaches.
These remote devices are able to be sent unconfigured to remote workers, or branch offices. All configuration would occur at the central gateway, saving time and money. As soon as the branch office device appears online, it begins retrieving information from the central service, constructs itself and authenticates a coded tunnel to the head office, all without requiring IT staff to be present.
Internet usage policies should be a major focus, as bandwidth at local offices may be spotty. Branch locations are usually smaller; therefore, the internet connection will be smaller as well. There may even be just one solitary on-site network connection. Rules regarding site access and non-work related “surfing” will have to be more stringent to ensure that bandwidth is being utilized for business purposes only. Freeing up bandwidth guarantees the central IT team is able to support users properly. Additionally, how employees operate on the network will determine if a company is increasing their risk of a data breach. Workers should be well educated on the use of social media, storage solutions and how their online presence effects the company overall.
There may need to be increased flexibility when implementing procedures for remote workers. Many tend to utilize their own IT resources ather than company sponsored devices. If this is the case, ensure that users are appropriately instructed on what they can and cannot do when on using the company network.
The cost of maintaining remote workers and branch office networks is a significant challenge over time for many businesses. The ability to manage security settings alongside centralized IT can play a powerful role in keeping costs as low as possible. In most cases, IT plays a key role in the success of an organization. By considering various security methods and selecting the one that fits your company best, profitability and productivity will increase.
At the end of the day, a company's security is really only as strong as its weakest link. Unfortunately, this outlook is typically not recognized at the branch office level and higher costs are incurred by trying to maintain separate solutions for each office. As Rich Hillebrecht, Chief Information Officer of Riverbed states, “Remote and branch locations are where so much of business is transacted, so the way that we manage assets and resources located away from the close control of headquarters has to be carefully considered. Maintaining distributed applications and data so that productivity, access, maximum performance, and protection are maintained are among today’s biggest IT challenges."
Always be certain your approach to ROBO security effectively safeguards each branch or remote worker in a manner that cuts down on expending precious company resources.