As the spread of COVID-19 mandates social distancing, our MSP business is in the same boat as many businesses out there: quickly supporting employees who must now work from home. The chief goals of a remote work implementation strategy should be enabling your people to work in a comfortable, familiar, and productive environment, while also ensuring that all devices and data remain absolutely secure.
And even when life slowly returns to normal, fine-tuning your employee work-from-home policies isn’t just a best practice, it’s a must-do. Here are three things MSPs should keep in mind right now (and beyond), both for themselves and the clients they work with:
1) Mirror the employee’s desk in the remote environment.
The shift from office to home can be a disruptive one if employees aren’t able to access their normal tools and establish familiar communication processes. We’ve found that it’s essential to recreate employees’ workspaces in the remote environment, so that they’re able to productively accomplish tasks in as close to the same way as they would on any other day at the office.
For example, an employee at home likely won’t have their work desk phone with them. The solution is to install an app for that. A VoIP solution (we use Metaswitch’s Accession Communicator) will allow the employee’s desktop PC to act as their desk phone and enable them to communicate as normal. In some cases, we’re also using the VoIP solution to redirect the call to an employee’s mobile phone. Under that scenario, though, it’s important that we also encrypt and secure those devices with an MDM solution.
We’ve actually given some employees their work desktops to take home with them, so that they can continue working with no changes in how they interface with their familiar applications and tools. It’s even worth it to consider the ergonomics of employees’ home workspaces—if an employee needs to bring home their office chair to work comfortably, let them borrow it.
We also have another small category of workers who will need to enter the office every few days to collect invoices and perform other tasks that require their physical presence. Our solution for these employees is to leave their desktops in place at work, and give them laptops that they can use to access their work desktops via Microsoft Remote Desktop. In this way, employees can literally utilize a mirror of their work environments, if not the real thing.
2) Establish a system to track and secure computer hardware and other equipment.
For both organizational and security reasons, we’ve developed an easy but effective system for tagging and tracking all of our outgoing hardware and equipment assets. Quite simply, we’ve applied asset tag stickers to all of our devices, and use paper forms and a checkout process to record who is checking out what assets on what dates. It’s a sleek lightweight system that we were able to implement extremely quickly. Given that timing is crucial in standing up plans such as these in the face of a pandemic, we’re glad for what we’ve come up with and plan to evolve and improve it as necessary.
3) Secure remote devices and data.
This is arguably the biggest concern with extending employees out into a virtual office space. It’s critical to the well-being of any business to sufficiently defend its data and system access even when devices are at large.
To begin, any business implementing remote work protocols needs to implement a VPN for secure communications. We also made certain that Windows and all anti-virus software on our remote hardware were fully updated with the latest security patches.
As an MSP, we also utilize SimplySecure for MSPs for data encryption and access controls capable of securing and remotely wiping data from clients’ devices in the event that they become lost or stolen. We’ve also found it wise to support our security tools with appropriate employee training. Not every client or employee knows what a VPN is, and clearing up any potential technical roadblocks goes a long way toward making the transition to remote work as seamless as possible.
Wherever our desks are now, we’re going to have to work together to get through this. We’re glad to share our practices with anyone who needs them in the interest of getting us all back to business as usual.
Robert Leonard is the information security manager at Hamilton Telecommunications. During his tenure with the company, Robert served in the United States Army for nine years. He resides in Nebraska.