It now looks like hybrid working is here to stay. Although some workers will return to the office on a permanent basis, many others will be working from home (WFH) either permanently or for part of the working week on a regular basis. Alongside this are those who are field-based anyway: salespeople, support engineers and so on.
Such working practices raise major issues when it comes to an organisation’s information security: many workers will be using devices that they have sourced themselves accessing the corporate network over public networks and often unsafe Wi-Fi links.
Those with malicious intent know that the easiest way into a corporate network is no longer through the defences the organisation has put in place, but to attack via these weak attack surfaces of home networks and devices.
Sure, organisations can insist that users install anti-virus on their devices, practice secure web surfing, and more, but at the end of the day, they may not be the only ones on their network. Also, any policies put in place by the organisation around not accessing certain types of websites, of installing only authorised software and so on can only be implemented with the agreement of the user – not many of whom will be happy to accept such constraints.
Instead, MSPs must offer flexibility, yet a secure environment to not only protect their customers but also themselves. Below are several options MSPs can take:
- Hosted desktops – whether this be through the use of VMware (soon to be Broadcom) or Citrix hosted desktop solutions or directly via Microsoft Windows 365. With these systems, users do not have the desktop installed directly on their device. Instead, some form of access mechanism is provided to show the user a virtualised desktop that is hosted in the cloud owned by a third party. Through such means, hosted desktops can be access by any device – whether it be a desktop PC, a laptop, or even non-Windows devices such as Android and iOS tablets, MacOS devices and even mobile phones.
Hosted desktops are an approach that an MSP can offer to their customers and prospects which should be easily messaged in a manner that provides a solid value to them. While using VMware or Citrix provides an MSP with the greatest control over the systems themselves, Windows 365 can be set up and managed by virtual MSPs or those not wanting to spend as much time in maintaining and operating the underlying platform required to run hosted desktops.
- Zero Trust Network Access – a security concept which ensures that only the right person with the right device (and security measures) can access a company’s resources, no matter if they are within the firewall or elsewhere. Given today’s complex business environment and the heightened cyberthreat landscape, a zero-trust concept not only ensures that access privileges are honoured but it is more desirable as it provides users with ease-of-use, flexibility, and scalability to boost user productivity, all while ensuring the security of an organization’s data, devices, and employees.
- Virtual Private Network (VPN) – a solution of choice for many MSPs and their clients during the early days of the pandemic when workers were asked to shelter-in place. It was an existing technology that businesses understood, and it was easy for MSPs to implement because many of their existing firewall solutions offered VPN capabilities. However, VPNs tends to be resource intensive and can be quite slow, especially for the workers who are farther away from the physical network.
Regardless of which solution security solution you choose, below are areas that you should focus on to avoid any push back from your customers:
- Ensure users can work flexibly and not be hindered by the security technology you deployed.
- While no one wants to be controlled by how they use their devices, organizations need to have control to ensure security and reduce risk. It is a fine line to walk for MSPs as they implement a solution that can provide the level of control their customers desire, and the flexibility that suits their employees.
- For hybrid users, they are required to work within and outside the firewall. The solution of choice must provide users the ability to go to and from the office without a hitch.
- The combination of digital transformation and heightened cyberthreat landscape requires businesses of all sizes to have cybersecurity at the forefront. To not implement one of the above-mentioned approaches will be a disservice to your customers.
When it comes to securing your customers, it’s not a one-size-fits-all. Before you select one of the approaches for your customers, make sure it suits their organization and their users’ behaviours because if not, the push back can create more ongoing help desk call than you would want for your technicians.
Photo: crystal light / Shutterstock