How Businesses Can Get the Most Out of Their VPNs
For businesses that don’t already have the VPN capacity they need, expanding it now could prove challenging. “That presents a problem because of long lead times,” says Lowe. “If you have to ramp up additional capacity to be able to support your base, you’re not going to be able to do that.”
Instead, IT departments have to find ways to keep the organization productive within their current constraints. This means managing access to critical applications.
“You’re looking at doing some interesting internal juggling by tiering your applications,” says Lowe, noting that the systems most critical to business continuity are more basic than organizations may realize.
“Businesses are going, ‘Oh, it’s going to be the financial system, it’s going to be the manufacturing system, it’s going to be this, it’s going to be that.’ But really, one of the most critical business systems that people have is email,” he says. “Email and instant messaging and conference installations are actually the most critical business applications. You’ve got to figure out how to support that.”
Another way to make sure the VPN isn’t overloaded is to manage when employees are using it. Grouping workers together with designated times to get on the system can help distribute the workload. This approach might not work for some businesses, says Lowe.
“You end up saying, ‘Okay, you’re in group one, you have access from 0800 to 1600. You’re in group two, you have access from this time to that time,’ etc. That’s not really conducive to the way some businesses work, because the organizations that you’re dealing with don’t work like that.”
These organizations may have to look outside the VPN to provide supplemental support to workers. Cloud-based security tools like private access solutions from Zscaler and Netskope can be useful additions to the infrastructure.
Ways to Keep VPNs Secure During Remote Work
While deploying collaboration tools and solidifying networks are critical right now, businesses can’t afford to lose sight of security. The large number of devices connecting to networks is leaving organizations more vulnerable to attacks, both on the company level and the individual level. Implementing solutions such as multifactor authentication and unified endpoint management can help IT departments keep a tight grip on network access.
But one of the greatest vulnerabilities isn’t technological, but rather personal. Employees need to be alert to potential risks, and Lowe says that the simple reality of not being in the office can lead to problems.
“You walk around any office building, there’s a cybersecurity awareness campaign going on whether they know it or not,” he says. “They also don’t have the ability to pop up over the cube and ask their next-door neighbor, ‘Kevin, what do you think about this email? Do you think it’s kind of sketchy, or not?’ They don’t have the ability to do that.”
Keeping up awareness and vigilance among staff should be the first priority, Lowe says.
“Employees think that they’re just as protected as they are at the enterprise. And they just don’t have the backup resources to be able to ask those questions. Implementing an education and an engagement methodology for your remote workers with regard to security is critically important.”
VPNs can be a crucial tool for businesses during this shift to remote work. By getting creative and engaging the workforce, organizations can successfully — and securely — make a smooth transition to work from home.