Connecticut's IT Blog for Growing Businesses | NSI

5 Strategies to Configure your IT if you Have a Mobile Workforce

Written by Tom McDonald | Oct 6, 2015 1:30:00 PM


Some of the greatest productivity tools for business are mobile computing devices. Tablets, smartphones, and laptops keep employees connected to the office and to customers and enable round-the-clock support. These same mobile devices also can create a headache for IT personnel. The IT staff has to provide access to mobile users and secure the network from wireless intruders. While supporting a mobile workforce can substantially increase office productivity, your network also needs to be hardened to accommodate mobile users.

According to the Citrix Mobile Analytics Report, the number of external devices managed within the enterprise increased by 72 percent in the last year. At least 61 percent of workers report working outside of the office part of the time, and most employees use three or more devices daily for work-related activities.

Here are just a few of the ways that the company’s IT department can securely extend the corporate network to support mobile workers:

1. Virtual Private Networking (VPNs)

The best way to provide secure remote access is with a virtual private network (VPN). A VPN is a means of creating a secure connection over a public network such as the Internet. The VPN gateway performs an authentication “handshake” with remote users and once they are authenticated, it provides secure access between the remote user and the network.

The great thing about VPN is that it is secure, but it doesn’t require client software. Authentication is handled from the network, so remote users with the right credentials can access the network anywhere, at any time, using any device. And a VPN can be used as an internal network strategy to isolate sensitive data areas, such as accounting or HR records. That way you can grant access to specific parts of the network based in the user’s credentials.

2. Corporate-Controlled Mobile Devices

IT managers are rightly suspicious of devices that they can’t control. One way to gain control over mobile hardware is to provide mobile workers with laptops or devices specifically for company use. The cost of mobile hardware is continually dropping, and by issuing company tablets, smartphones, or laptops, IT has more control over hardware configurations, anti-virus protection, and remote network access, and it simplifies remote user management.

For example, if the company standardizes on iPhones and iPads, then IT only has to support the Apple iOS operating system. The company can standardize on software that has iOS apps to connect enterprise software to Apple devices. This not only simplifies device management, it also means there are fewer mobile connectivity problems to troubleshoot, and employee training is simpler.

3. Bring Your Own Device (BYOD)

Of course, most employees want to use their own mobile devices. The bring your own device phenomenon is unstoppable. A survey by IDC and Unisys showed that 84 percent of employers at some point tried to ban BYODs, but 51 percent then had to repeal the ban to control employee use of their own hardware.

Companies need to have strict policies in place as to what devices will be supported and what types of data are accessible. The problem with BYOD is you cannot control the device itself so you need to control access. That means locking down applications and systems that contain sensitive data so they can’t be accessed from outside. It also means making sure that remote users have security software on their smartphones or tablets that allows the device to be remotely wiped clean case of loss or theft.

4. Network Control and Authentication

Network security is always a concern, so you need secure authentication. Most companies use password access, but a simple password is easily stolen or “sniffed” by monitoring unsecured wireless connections. Using a more hardened authentication strategy will help secure the network.

One-time passwords are one strategy, or challenging users with authentication questions. Two-way authentication also is an option, where a secure login code is sent separately as a text message or email. Single Sign On is useful for companies that want to control employee data access since it can grant access to only approved network and cloud resources.

5. Provisioning Procedures

Every company should have strict guidelines and policies about adding new remote users to the network. Forgotten users and ex-employees whose credentials are still active are among the greatest threats to network security. It’s up to the IT department to keep track of who has access to the network, and what controls need to be in place for each user.

When a new remote user is added to the network, there should be a checklist for authentication and identity controls. When an employee leaves or no longer needs remote access, the same checklist should be used to make sure all access rights are rescinded and any backdoors are locked tight.

These are just a few provisioning strategies for a mobile workforce. Cloud services, server configurations, secure access points, and other tactics can also make your systems safe and secure while promoting remote worker productivity. If you aren’t sure how to manage your remote team, call in the experts who can assess your remote user requirements and suggest strategies that provide fast, secure data access with an assured ROI.

What strategies have you used to connect your mobile workforce to your IT?