
How to Improve Your Security & Infrastructure For Remote Work


Is the remote work transition a permanent one?

Enterprise Management Associates (EMA) surveyed 303 IT professionals, and found that working from home surged from 14% of employees to 64% of employees in 2020. 

That’s hardly a surprise. However, more than half of those professionals expect this change to be permanent. 

This suggests that an enormous number of workers are shifting to the work-from-home model for good.

In 2020, executives accepted bandwidth and transition issues as reasonable. However, in 2021, IT security and performance must advance to match what’s perceived as the new normal.

So, where can we find solutions to coincide with that advancement?

The Pitfalls of Legacy Options for Remote Work

Historically, IT teams first secured the enterprise, then routed remote employees into the corporate environment. 

With the ongoing shift to cloud resources, many IT and security managers will likely see this focus as cumbersome … and potentially dangerous.

The vast majority of remote workers connect to their corporate environment using Virtual Private Network (VPN) technology, which deploys easily, but requires significant bandwidth. It also can’t easily scale.

Remote Desktop Protocol (RDP) connections let users access their office computers, but the user-defined sign-in credentials and unrestricted port access involved create security weaknesses.

Flaws located in Citrix, Pulse Secure VPNs, and insecure RDP connections allowed cybercriminals to launch a host of devastating ransomware attacks in 2020.

Virtual Desktop Infrastructure (VDI) provides improved security, but only by shifting the processing and computing burden onto the corporate infrastructure. And, just as with other remote access solutions, scaling this solution creates both financial and infrastructure strain.

Many IT departments obtained additional hardware (servers, gateways, etc.) and licenses to support the surge in remote users in 2020. But, is that the best way to utilize resources moving forward? 

Additionally, companies shifted operations to more cloud resources, such as email, video conferencing, and file sharing, which solves some problems, but adds others.

Unfortunately, with so many cloud resources, we either waste bandwidth or open security gaps. By allowing direct cloud resource access, we lose control over the connection and must rely on the users’ in-home security setup…which usually isn’t great.

And, by forcing users to connect to the company infrastructure, then to the cloud, we simply create a bottleneck by making the corporate network the middle-man for both inbound and outbound traffic.

The added bandwidth puts even more pressure on the corporate network to expand both bandwidth and network speed.


What About Cloud Options?

Some experts advocate killing VPN systems and converting to a purely cloud-based solution.

Sure, that sounds like an extreme stance, but there are reasonable supporting arguments.

A cloud-based security platform would be able to encompass cloud activities, such as Outlook 365 emails and Zoom conference calls. Additionally, the organization could drop the expenses for VPN/RDP/VDI connections, and reduce the corporate network bandwidth requirements when the cloud activity is routed around it.

One option for cloud-based security is Zero Trust (or Touch) Network Access (ZTNA), also known as a Software Defined Perimeter (SDP). This concept extends the Zero Trust Framework beyond the corporate network to an extended network that encompasses applications and cloud resources.

 


ZTNA assumes all connections are hostile until proven otherwise, and it incorporates multiple methods for verification, such as multi-factor authentication (MFA), device verification, and even time and geolocation checks.
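
As an added illustration (not code from this article or from any ZTNA product), the sketch below shows a default-deny access decision that combines the four checks named above. The `AccessRequest` and `Policy` types, the device names, and the sample requests are all hypothetical and constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, time
from typing import Optional

@dataclass(frozen=True)
class AccessRequest:
    user: str
    mfa_passed: bool
    device_id: Optional[str]   # None when the client presented no device identity
    country: Optional[str]     # None when geolocation could not be resolved
    when: datetime             # request time, organization-local

@dataclass(frozen=True)
class Policy:
    enrolled_devices: frozenset
    allowed_countries: frozenset
    window_start: time
    window_end: time

def in_window(t, start, end):
    # Supports windows that cross midnight (e.g. 22:00-06:00).
    return start <= t <= end if start <= end else (t >= start or t <= end)

def evaluate(req, policy):
    """Default deny: access is granted only if every check passes.
    Missing evidence (None) fails a check instead of skipping it."""
    checks = {
        "mfa": req.mfa_passed is True,
        "device": req.device_id in policy.enrolled_devices,
        "geolocation": req.country in policy.allowed_countries,
        "time": in_window(req.when.time(), policy.window_start, policy.window_end),
    }
    failed = [name for name, ok in checks.items() if not ok]
    return (not failed, failed)

# Constructed sample policy and requests (not real devices or users).
POLICY = Policy(frozenset({"LAPTOP-0001"}), frozenset({"US"}), time(7, 0), time(19, 0))
REQUESTS = [
    AccessRequest("alice", True, "LAPTOP-0001", "US", datetime(2021, 1, 12, 9, 30)),
    AccessRequest("alice", True, "LAPTOP-0001", None, datetime(2021, 1, 12, 9, 30)),
    AccessRequest("bob", False, "HOME-PC", "US", datetime(2021, 1, 12, 23, 5)),
]

if __name__ == "__main__":
    for r in REQUESTS:
        print(r.user, evaluate(r, POLICY))
```

Returning the list of failed checks alongside the decision gives the security team something to log and alert on when a request is denied.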

While some consider Zero Trust a marketing buzzword, Gartner estimates that 60% of enterprises will switch from VPNs to ZTNA by 2023.

Another cloud-based option is Secure Access Service Edge (SASE). It works by extending the SD-WAN concept.

SASE attempts to simplify administration and cybersecurity by consolidating edge appliances, cloud applications, and the multiple security solutions to protect them.

So, Which Option is Best For You?

Not all organizations can afford the switch to cutting edge technology, but no one wants to pay higher costs for poorly performing legacy solutions. 

Fortunately, there are intermediate steps and technologies that can ease the transition without radical change.

As an alternative to locally hosting VDI within the corporate environment, Microsoft Azure offers a Windows Virtual Desktop (WVD) solution that provides the control of VDI and the improved flexibility of the cloud.

That solution also segregates the virtual workplace device from the physical device used by the remote worker, which permits additional security, along with data loss protection (DLP) options and controls that remain under corporate command.

Of course, no two organizations are the same. Yours may require a different setup than another company doing the same type of work. That’s something we understand well.

We help organizations of all types analyze their infrastructures, and explore options that reduce costs, improve network performance, and boost security. And, with data centers in nine locations across the United States and 24/7 monitoring and support, we’ll always be by your side, no matter where you are in the world.

Ready to explore all of your options? Call us today at 412-349-6680 or complete the form below to schedule a consultation. It’s time to maximize your return on IT!
