by Blake Britton, Vice President, Axxys Technologies
Businesses want flexibility in how their employees work, collaborate on initiatives and projects, and provide access to key systems and files. There are so many applications that can be used nowadays for users to be able to work together, including Skype, Box.com, Dropbox, SharePoint, Spark, and so on. These are just a few that we run into with our client base. With more and more ways to work away from your desk businesses must provide a structure or framework that protects their business data. End users should all work under a single corporate umbrella “technology use policy” for these applications to protect your information and provide a guide for all users to follow. Here are a few considerations for working away from the desk and providing a safe and secure collaboration plan.
Working Remote
If using Cloud-based solutions for sharing files or applications is not an option for you, Axxys recommends that anyone who connects remotely to your business do so via a virtual private network (VPN) connection. Even if they are connecting through a Remote Desktop or Terminal Server, a VPN is recommended to provide an extra layer of security to protect the organization. Most all firewalls provide VPN connectivity that can be used to connect securely. While there have been some restrictions on what type of VPN connection can be initiated from some public Wi-Fi hotspots, SSL VPN is a method that can traverse most networks. VPN access will allow you to connect to the company’s production network, access files, and run SOME applications. Most applications will not run optimally over a VPN, but will run well from a Remote Desktop or Terminal Server connection. Axxys recommends that any device that is going to connect remotely comply with your company’s security policy. In the event a home user machine connects via VPN to the network/server, it is possible that your network can be exposed to any malware/viruses that may be on their machine. Providing them with a machine to use from home that is protected by your security software and policies is recommended.
Sharing Files/Collaboration
There is no shortage of vendors that offer the ability to share files online. Axxys has noticed within our client base that most businesses are allowing users to simply use their own accounts as opposed to a business established account with these vendors or manufacturers. Axxys recommends that any file sharing or collaboration application be integrated with your company’s Active Director Server. In most cases it will allow the business to control who has access, how they access (password protected), and what can be done with the files that are being shared (edit/delete/read only). An example is Office 365 and the use of SharePoint or OneDrive for Business. Each of these applications are controlled and accessed by the end user through the Active Directory account settings from within your company network/domain. From a security perspective, any and all documents that are stored in, or shared from, this environment are protected and still under the company’s account. In the event an employee is terminated or leaves the business you still maintain the control. Is this 100% protected from the employee being able to move these documents to their personal possession? No. However, with a corporate account you give yourself a chance to maintain the integrity of your company data.
Voice Communication(s)
Company voice communication essentially has two facets – cell phones/mobile devices and desk phones. Voice communications is one of the fastest changing aspects of businesses. Businesses want the ability to communicate from outside the office but still maintain control of the calls. Within our client base most end users are using their own personal phones as their mobile business device as well. While this is accommodating for the end user and for the business (in some cases) it could be a vulnerability to the business. Axxys recommends to our clients that end users be made aware that if an employee leaves the business the device can be “remote wiped” in order to clear any company data from the device. We also recommend that end users are provided a “company owned” device so that the business can maintain as much of the call/data control as possible. Axxys uses an application called Jabber from our Cisco voice system that can simply pass calls internally to our mobile devices without the client being provided an end user’s personal mobile number. Jabber can run from ANY mobile device (laptops, mobile phones, tablets, etc…) and provide video calling, chat, voice calling, file sharing, and many other features. The main point, Axxys is providing a common toolset for group collaboration and communication. For additional compliance or security concerns we also have the ability to record calls and all chat messages within the application.
Business are using lots of tools and applications to work smarter from anywhere and everywhere. Axxys understands this is the way business works today and simply wants to help companies to understand how to accomplish it and still maintain the integrity and control of your proprietary information. Reach out to us and let us show you how we are getting it done at Axxys.