08/06/2011

By Dr Aydin Kurt-Elli, COO at Lumison

It’s great news that the first trial of 4G has been announced in the UK particularly as a recent report from Ofcom outlines a large speed gap between mobile and fixed line broadband.

This is significant for businesses as the technology will enable speedy web-browsing on smartphones and laptops for staff that are out of the office. This does however put increasing pressure on businesses to provide fast, reliable, secure and easy-to-use remote access for staff and there are some fundamentals things that businesses need to put in place first.

Strong passwords help secure your remote worker access massively. It’s imperative that staff understand the importance of this rather than using their pet’s name, for example. But they are not 100% effective. The only way to be sure is to use two factor authentication (2FA). As the name suggests, 2FA uses two factors to authenticate users — something they have (key fob with a one-time, changing password) and something they know (a more traditional PIN).

Public Wi-Fi spots are goldmines for unencrypted user data — all you need is a laptop and the right software and you can grab logins to accounts just by sitting there and waiting for people to connect. Using strong encryption makes it much more difficult to capture this data.

Virtual Private Network (VPN) software is difficult and complicated to use if not setup correctly. This can lead to frustration for your staff and make them more likely to use an alternative and possibly less secure way of getting their work done. SSL (Secure Sockets Layer) VPNs (a form of VPN that can be used with a standard Web browser and does not require the installation of specialised client software) can take some of the hassle-factor out of providing remote access to internal resources.

Having easy to use VPN software that can run from any browser opens up its own challenges. How do you know that the end-point that your staff member is connecting from is not virus-ridden and full of malware? Using end point assessment and discrimination, you can run checks on the remote PC to ensure it meets the requirements of your security policy. Depending on how many of the boxes the remote PC ticks in your list, you can then decide how much access the remote user should get.

It is possible to provide remote access capability using off-the-shelf hardware and software, but like any powerful tool, they can be expensive and need to be installed and managed by experienced and qualified engineers. An alternative option is to go for fully managed remote access solutions, which can be integrated alongside existing IT infrastructure and doesn’t provide an IT management headache.