"The easiest way for an employee to continue their job is to remote control the workstation that's back at their office. This is actually a great solution if you do it securely, but if the solution is a VPN and whatever free remote screen-sharing tool the employee can find, it's probably not going to work out very well."

Bryan Hood, Director, Solutions Engineering, BeyondTrust

Security Consideration 1: Bring Your Own Device (BYOD)

While corporate-deployed devices are robustly hardened and controlled, we now have a proliferation of users on personal devices--not hardened PC images inside the office and behind a firewall. The sudden, large-scale shift to remote work has necessitated a BYOD workforce for many organizations, but without the right policies or proper security controls in place. It's inevitable that employees will (at some point) be using their personal devices to either check emails or complete work tasks. And this all amounts to a very high risk when many of these unsecured devices are connecting to the corporate-issued VPN.

Security Consideration 2: Inability to Achieve Compliance

With the rush to get so many users set up and connected remotely, there is also a risk of misalignment with your own internal policies as well as external compliance initiatives. While this may not be a short-term concern, thinking about it long-term, it's crucial that we continue to meet the guidelines of mandates such as PCI, GDPR and HIPAA. The last thing organizations need on the horizon, after a time like this, is to be hit with hefty fines.

Security Consideration 3: Shadow IT

Leaving end users, quite literally, to their own devices (pun intended) for extended periods of time, will lead to them finding their own makeshift solutions and tools. These free tools are far from enterprise-grade, and while they may help different enable facets of productivity (i.e screensharing, messaging, file storing/sharing, etc.), they come with serious security shortcomings that could jeopardize company data and/or uptime. Some shadow IT is even embedded with spyware--in other words, your screensharing tool could be sharing far more than just a screen, and it could be sharing it with cyber criminals! This is why it's important for IT to provide an enterprise solution for its users, rather than leaving it to workers to make do with what they can find, which may inadvertently create back doors for hackers and malware among creating other issues.

Security Consideration 4: Privileged Remote Access

During this period, workers of all types will be required to do tasks remotely. This includes sysadmins, developers, vendors and other privileged users, who may also be forced to go BYOD. Due to the privileged and highly sensitive nature of their access and actions, this presents a substantive risk that should not be overlooked. Check out the video above for more detail around the proper protections you should be thinking about with regard to privileged credentials, privileged, sessions, vendor access, and more.

Explore BeyondTrust Solutions

Secure Remote Access solutions:

Endpoint Privilege Management solutions:

Contact BeyondTrust to learn more.

Photograph of Bryan Hood

Bryan Hood, Director of Solutions Engineering

As Director of Solutions Engineering at BeyondTrust, Bryan and his team work closely with both prospects and customers to evaluate their needs for securing access to users and business critical systems, while still enhancing IT productivity. He consistently speaks about benefits of securing remote access and privileged access for numerous trade shows and while visiting clients. Prior to joining BeyondTrust, Bryan worked as a Senior System Engineers and Messaging Architect for several large corporations, and also worked as a contractor to the Department of Defense in these roles. With more than 20 years of experience, he helps drive efficiency, productivity, and security through assisting with installation and helping clients maximize on their BeyondTrust investment.