Work From Home Guidance And COVID-19 Update

Back to Blog

In the wake of COVID-19, Computer Courage is fully operational (with an emphasis on remote service) and working diligently with customers to provide guidance and support for remote work technology and configuration. We have excellent resources available to our clients to help you adapt to the changing work environment. Today we are also announcing a new remote work tool – “Access” which we are making available to all of our Managed IT Services clients at no additional cost.

With Alameda County, along with 6 other Bay Area counties, going to “shelter in place”, most of our business clients are turning to remote work / work from home. In this article, we provide an overview of remote work technologies, configurations, and policy. Please read this document carefully, even if you already have remote work established, and contact us for help establishing setups, policy, or new technology.

The following sections outline 3 “models” for remote work. Most organizations will find that they fit one of these models, though some orgs may utilize different models for different staff members. Read and consider which make the most sense for your organization.

 

Models for Working Remotely

Model 1 – Remote Desktop

In this model, users leave their workstations at the office and remotely connect to their office workstations from personal devices to perform their work. This model is generally our first recommendation as it is the more convenient and secure option for most users.

Today, we are announcing a new powerful remote desktop tool, called “Access” to our Managed IT Services clients at no additional cost. We also offer several other remote desktop options such as Microsoft Remote Desktop and Chrome Remote Desktop. If you are currently using VPN and Microsoft Remote Desktop for remote access, ask us about switching to Access for convenience and security.

The advantages of the this model include:

  • Familiar, efficient experience – Users connect to their work computer and see all the same apps, links, server connections, and tools they have at work. It’s usually very fast too.
  • Simple setup – Users can get set up via a remote session with a Computer Courage technician quickly and easily. No need to install business applications on the personal devices.
  • More secure – This model only opens a very limited connection between personal devices and the office network. There is very limited risk from unmanaged personal devices.

Considerations for this model:

  • Some organizations are primarily laptop based but have traditional server infrastructure. Here we recommend that employees leave the laptops at the office, connected to the company network with sleep disabled, then connect to them remotely from personal devices.
  • A small percentage of your employees may not have personal devices to connect from. Your organization should consider purchasing a small set of spare laptops for this purpose. We are available to help with purchase and configuration.

Model 2 – Direct to Cloud

If your organization keeps all or most data in the cloud (email, files, applications, etc.) you have the option of allowing employees to work from remotely by directly connecting laptops or desktops to the cloud services.

This model is convenient, but it does introduce a serious consideration: personal devices. If your users have managed company laptops, they can simply take them home and work securely, with all of the organization’s apps available. If users do not have company laptops, they may begin to sync their personal devices directly to your cloud services. This represents several important concerns:

  • Unmanaged personal devices can become infected with malware that can spread through cloud sync. This is especially true for file sync services like Google Drive or Dropbox.
  • Unmanaged personal devices may need new installations and/or licensing for company software (Microsoft Office, QuickBooks, CAD, etc.)
    If you are a cloud-based organization with this model, we are available to consult. We can assist with temporary onboarding of personal devices to our Managed IT Services, licensing review, and policy development. We can also help with Mobile Device Management (see section below).

Model 3 – VPN

In this model, users install “VPN” (Virtual Private Network”) software on remote computers and use it connect to the company network. This allows the remote devices to connect to all internal resources (servers, printers, storage, etc.).

This model is functional, but has several red flags that should be considered:

  • Unmanaged personal devices can become infected with malware that can spread through cloud sync. This is especially true for file sync services like Google Drive or Dropbox.
  • Personal devices may need new installations and/or licensing for company software (Microsoft Office, QuickBooks, CAD, etc.)
  • The VPN user experience can be slow for many users

If you are using VPN, or are interested in this model, we recommend a consultation to discuss the details. Some organizations may wish to switch to our new Access tool which does not require VPN. If VPN is necessary for your organization, we can make technical and policy adjustments to help maximize security and minimize risk.

 

Other Considerations for Working Remotely

Phones and Videoconferencing

Another important consideration for remote work is with telephony and videoconferencing. Most modern phone systems have mobile apps to allow employees to take their business phone lines and voicemail with them. If you have a traditional phone system that doesn’t allow for these features, your email solution (G Suite or Office 365) may have similar functionality that you can use to augment your phone solution with phone apps and videoconferencing.

Many VOIP and videoconferencing services are offering free or discounted services in response to the virus pandemic. Some of these offers may be valuable to your organization.

Our primary recommendation with regards to phones and videoconferencing is that your organization plan and make centralized choices and policies. If employees make individual choices about these technologies, your organization will experience inconsistencies and may be exposed to security risk. Contact us to let us know if we can help you coordinate your phone and videoconferencing solution.

Mobile Device Management (MDM)

MDM is a technology that can be installed on mobile devices (laptops, tablets, phones) for security and policy purposes. The primary advantage of MDM is functionality for locking, tracking, and wiping mobile devices in the event that they are lost or stolen. We generally recommend that MDM be installed on any company-owned mobile device. Your organization may consider requiring MDM on personal employee devices, though this adds considerable complexity and questions regarding employee privacy and consent.

We are available to consult on or implement MDM for our clients. It is low cost and easy to implement.

General Guidance for All Technologies

User experiences with any remote access solution can vary depending on home network speeds, device types, and application type. Testing with one or two users before launching org-wide can be helpful.

Regardless of the specifics of your technology, we recommend that all of our clients find time to review their remote work environment and make decisions and policy on the subject. It is critical that you provide employees with clear policy and tools for remote work to minimize security risk and productivity impact.

Additionally, please be aware that there are an increasing number of new phishing scams and fake websites taking advantage of the COVID-19 virus scare to steal information and commit fraud. Please communicate this to your employees and remind them to stay vigilant and exercise caution opening any links in emails. We offer Security Awareness Training (SAT) projects to help combat phishing scams.