Infrastructure: Remote Access (IT Assessment DIY Guide, Part 12)
This is part 12 of a series on IT Self-Assessment for small businesses. We’re providing information and guidelines for a simple IT check, giving you the ability to gain free insights into how your technology can serve your business better. Each post covers a critical area of technology.
Remote Access
Function & Value
Remote access enables users to access programs and files stored on a PC or server in your office when they are not physically in the office. Remote access can allow for a flexible work schedule, cover mistakes when a file or task is forgotten, and help you accomplish an emergency weekend task without an emergency weekend commute.
There are two common ways to provide remote access: VPN (virtual private network) and Remote Desktop. A VPN uses a piece of software on an external PC to connect with a VPN concentrator (often a firewall) inside the office. Remote Desktop runs on an external PC and connects with appropriate credentials to a PC inside the office.
External access is required for most businesses, but it can pose significant risks to your network. Here are the most common problems and how to avoid them:
Common Problems
(1) Granting too much access. If VPN rights are unrestricted, remote users can gain access to everything on your network.
(2) Lack of end user policies. Your network may be very secure, but what happens when remote employees start pulling files and data down onto their home network? Do you know who is able to connect remotely, and what they are allowed to do?
(3) Using the wrong tools. If there is a strong need for remote access, it may be a sign you need to evaluate the tools you are using. Traditional PC or server bound software is relatively difficult to access remotely, but newer web-based solutions make remote access obsolete.
Best Practices
(1) Give minimal access. When a VPN is configured for remote access, grant the minimum amount of access for a user to accomplish their work. You don’t want a score of VPN credentials out there that all have complete access to your entire network.
(2) Have clear end user policies. You can’t secure your users’ home networks, but you can educate them. What can they bring down and store on a local PC? Is their wireless network broadcasting or unsecure? Set standards for your remote access employees.
(3) When appropriate, use web-based tools. Web-based tools are available for email, databases, document storage, project management and more. The technology is so mature that often there is an increase in functionality when moving off of server-bound applications.
Remote Access Self-Assessment
Type(s) of remote access in use: ____________________________________
Is access appropriately limited?
Do employees have clear guidelines for home network security?
Is most remote access driven by a single need? Could a web-based solution remove most remote access?
Level of risk to your business based upon current remote access:
High Medium Low
Issues to be addressed:
1.
2.
3.
