Even before the coronavirus pandemic forced many businesses to quickly adopt a work-from-home (WFH) model, many SMBs were embracing telework and counting on their trusted IT provider to ensure they have the tools and resources needed to maintain business and operational continuity. Now, however, with so many additional businesses embracing WFH due to COVID-19 distancing guidelines, the threat attack surface has rapidly increased as more users are accessing organizational resources and data from new devices outside of their companies’ networks.
As SMBs grapple with transitioning to a secure remote access plan, it is especially critical for IT providers to help their customers secure remote workers without disrupting business operations. In many circumstances, secure remote access built around a remote access VPN solution is only the start. MSPs should take the following five steps to minimize business interruption for customers transitioning their workforce to a remote model.
- Ensure VPN is up and running: Let your customers know that many VPN clients can be downloaded for free and should be installed on every device being used to connect remotely to the corporate network. For organizations looking for a more robust endpoint security solution, endpoint detection and response (EDR) tools provide advanced threat protection for both pre- and post-infection. An EDR solution provides things like advanced anti-virus functionality on the front end, combined with the ability to detect and stop advanced attacks in real time, even after the endpoint has been compromised, enabling remote workers to continue working safely and without disruptions.
- Check for secure connectivity: Your customers’ VPN client should provide a secure connection, as well as share the security state of endpoint devices to allow technicians to establish and maintain clear visibility over remote teleworker environments. Additionally, SMBs should have multifactor authentication and single sign-on tools to prevent business risks. Organizations with large numbers of remote workers may also want to consider adding a VPN management solution that enables them to securely and automatically share information, push software updates, and assign security profiles to endpoints using an advanced VPN client.
- Set up secure access to cloud application: Driving all traffic through a VPN tunnel can have a doubling impact on network traffic. With an uptick in remote workers accessing SaaS applications and the cloud, the network is now also managing the many connections that remote employees are using daily. To ensure that networks can keep up, MSPs should offer customers direct connections with a cloud-based security solution. Cloud access security broker (CASB) subscription services provide visibility, compliance, data security, and threat protection for corporate SaaS and other cloud-based services being accessed by remote workers.
- Consider network access control: Cyberattackers will be looking to infect or take control of remote devices now more than ever. Network access control (NAC) solutions, which can see, identify, and control everything connected to the network, can help combat this threat. NAC enables MSPs to limit where customers’ devices can go on the network, and then continuously monitor and automatically react to devices that fall out of policy within seconds.
- Implement network segmentation: Once a user has been authenticated and devices have been provided network access based on policy, it is critical to be able to manage access to networked resources. Many of today’s remote workers are new to telework. Additionally, some of the applications and other resources they need will be accessed remotely for the first time. Evaluate whether network segmentation makes sense for your customers to ensure that devices, users, workflows, and applications can be isolated to prevent unauthorized access and data loss. Network segmentation also limits exposure in the event that a cybercriminal is able to breach the network perimeter, further ensuring an organization is minimizing any risks that an increased remote workforce can introduce.
While some of your customers may already have all the tools they need to transition to a secure remote access strategy at zero cost, others may need to upgrade or refine their solutions or need help in configuring devices to accommodate new network traffic patterns. Others may be seeking guidance in best practices while some may need to implement a secure remote plan for the first time. As trusted IT providers, you can make all the difference in helping your SMB customers implement a strategy that successfully maintains their business and operational consistency.
JON BOVE is the vice president of Americas channels at Fortinet. Bove and his team are responsible for strategizing, promoting, and driving the channel sales strategy for partners in the United States as the company seeks to help them build successful – and profitable – security practices. A 17-year veteran of the technology industry, Bove has held sales, sales leadership, and channel leadership positions. During his time at Fortinet, he established Fortinet's national partner program and aligned Fortinet's regional partner strategy to allow partners to develop Fortinet security practices with the tools and programs to successfully grow their businesses.