Working Remotely with Coronavirus (COVID-19)
More and more often we are being approached by clients who want to understand what options are available for remote working, given the situation with Coronavirus (covid-19). In this article, we will look at the various options available for companies who want to explore Working Remotely with Coronavirus (COVID-19), as a regular business option or as part of contingency planning.
The process of contingency planning for corona is very similar to traditional BCP (Business Continuity Plan)/DR (Disaster Recovery) planning – but for many businesses, they want straight forward options now. To be clear you should not look to loosen the security, integration or data protections in place currently.
We want to highlight that this post does not try to shed light on every possible scenario or challenge, and it does not try to replace a comprehensive DR and BCP plan. The sole purpose of this post is to provide inspiration and thought that may enable a remote-working scenario, if that is something your business wants to explore.
You would expect, every option we discuss, will have nuances, constraints and gotchas. We highly suggest you speak to your IT team, IT provider, MSP or a reputable firm with experience of these matters. It is very important to note that working remotely is NOT a new concept; many successful businesses function regularly with a remote workforce. You may find that a common trait among these companies is the effective use of their technology. Whether its in response to Coronavirus, or a general acknowledgement that remote working is efficent and a good thing, we will start with at the beginning:
Assess existing setup
There is a solid chance that your existing IT infrastructure may already have the features and capabilities to support remote-working. Before beginning a project of investment or change, we highly recommend businesses undertake a quick feasibility study to understand your existing skills.
Technical questions and thoughts may include:
- Desktop environment
- Does your business currently support VDI (Virtual Desktop Infrastructure) or RDS (Remote Desktop Services)?
- Does your staff have laptops or desktops? Do you have any spare full systems?
- If you have desktops, do you use Windows 10 Professional, Apple or other?
- Is your e-mail system accessible outside of the organization, on phones/PCs/tablets?
- Does your business use Office 365 or hosted Exchange?
- Does your business have endpoint protection/antivirus?
- Does your business use 2FA/Two-Factor authentication?
- Productivity apps
- If your business uses Office 365, do you know the subscription level (i.e. E3, Business Premium)?
- Do you know if your Active Directory domain is synchronized to Azure?
- Firewall / Internet Edge
- Does your organization have a firewall solution?
- Does the firewall support VPN or remote access?
- Are there any connection/concurrent user limits imposed by the firewall?
- Internet connection
- What internet connection does your business use? Do you know the upstream/downstream connection speed?
- Can the connection speed be increased if necessary?
- Does your business use MDM (mobile device management) software?
- Does your business have a BYOD (bring your own device policy)?
- What type of phone system does your business use? Traditional hard-wired, IP based, or hosted?
- Can you add remote-working options to your phone system?
- Do you have a list of all phone numbers or DIDs?
- Does the phone system have a mobile or windows software client?
Preliminary: Understanding working practices and options
Before we can think about the most appropriate solutions, you need to have an understanding of your business operations, workflows, teams and their use of IT systems. You can also explore other, less traditional options for remote-working.
- How many staff members do you employ?
- In theory, how many could do their jobs using a remote terminal and phone?
- Are your staff members logically grouped into teams or departments?
- Business functions
- What software applications are used by your staff? Can you rank them by priority and importance? Are they custom applications or supported by a vendor?
- Working environment
- How many staff have a suitable location at home where they could work remotely? i.e. Home office, table, spare room.
- Do your staff have a suitable internet connection at home?
- Would you be willing to let staff bring their desktop PC or laptop home to work (subject to additional controls)?
- Is your business governed by any regulations or laws that may prohibit staff working from home?
- You may need to consider a policy or campaign to educate your customers to set expectations and be open.
- Other considerations
- Do you need to consider insurance implications if staff are working from home?
- Should your business consider subsidizing expenses incurred by staff working remotely?
Access the workplace remotely
When we talk about the ‘workplace’ that really means your systems, data and working ‘environment’ (or a digital representation!).
1) Staff access their workstations remotely using VPN
If your business uses Windows 10 and has an enterprise firewall that supports VPN (virtual private networking), one option is to allow your staff to access their workstations from home remotely.
To do so, they would:
- Install a VPN client on their home PC
- Connect to the workplace using a VPN (and ideally, two-factor authentication)
- Launch RDP and remote onto their PC
There are some pre-requisites:
- A firewall that supports VPN.
- Two-factor authentication is recommended.
- Your desktop PCs need to support Remote Access and have RDP enabled.
- Some necessary changes and instructions for staff.
2) Staff access the VDI/RDP environment remotely, using a VPN or otherwise
For organisations who already use VDI/RDP, accessing the workplace can be an easier task (depending on your policies)
- Install a VPN client on their home PC
- Connect to the workplace using a VPN (and ideally, two-factor authentication)
- Launch RDP/Citrix/VMWare and launch a VDI session
- Ensure your IT policies and ACLs allow remote-access
- Launch RDP/Citrix/VMWare and begin a VDI session
3) Install remote access software on each PC
Teamviewer is a software tool that enables remote access to PCs. However, your business should consider all options, including security risks and privacy issues.
This is not a recommended solution, but potentially a quick-fix if your business doesn’t have a VPN, RDP/VDI or similar
- Purchase remote access software such as Teamviewer, LogMeIn or similar.
- Install on each workstation.
- Ensure you enforce security policies and two-factor authentication. This is vital.
- Staff launch the remote access client at home, select their PC and connect.
4) Staff access the workplace remotely using VPN
If your business has VPN support, staff members can follow the steps contained in Item (1) but instead of accessing their PC – they can natively access servers, applications and systems from their home PC. This is only possible if your business uses web applications – but it still presents a valid option.
Alternatively, if the staff members bring their work PC home, they can VPN in, and their applications and systems will function as normal.
This is a relatively easy option, but it does rely on your business and staff members having a reasonable internet connection (particularly the upstream)
5) Cloud-Native Approach
If your business natively uses Cloud technologies such as Office 365 and Sharepoint – then you may have a range of secure options at your disposal with very little cost outlay or disruption to your business.
- Users will have access to Microsoft Office on the web or desktop applications
- Staff can access company documents in Sharepoint, securely and from home.
- Teams, Yammer, Office and Sharepoint all promote secure, remote-working in a flexible manner.
Dell OptiPlex 3070 Micro Desktop PCs are high performance, low power and excellent value desktops.
For staff to work from home, we are assuming they have a suitable PC or laptop that they can utilise. There are several options you can consider:
- Allow staff to use their home PCs – this is only recommended if you use RDP/Citrix/VDI with a suitable 2FA client and admission policy.
- Allow staff to bring their PCs home – this will require MDM/Endpoint Protection and enhancement of security controls on the device (i.e. patching, endpoint, etc.). Realistically, you will also need a VPN or RDS/VDI solution.
- Purchase new PCs or laptops for remote working. A new desktop PC can range in price from $500 to $700, while laptop prices also start at $600-$700.
Use cloud desktops. Amazon workspaces, Azure WVD and other providers can provide a temporary desktop resource – without the need to purchase new hardware. These desktops are hosted in the cloud, and a secure link to the workplace can be established.
If you can facilitate remote working, you need to consider how your staff will collaborate and communicate during their time away from the office.
E-mail is a prominent tool of choice for communication. Provided your business uses a modern platform such as Microsoft Office 365 or Exchange, accessing the e-mail environment remotely is a relatively easy task. The downside of e-mail is it doesn’t scale for teams or conversations between multiple parties. Office 365 makes it easy for staff to access e-mail remotely and in a secure manner – with compliance and audit trails.
Microsoft Teams or Instant messaging
A business chat tool such as Microsoft Teams is an excellent compromise between e-mail and voice. Real-time video, voice and chat enhances communications and ensures a level of real-time collaboration and communication is maintained. Teams works on both desktop, web, tablet and mobile – so it is very adaptable to your needs.
Voice and video
The Microsoft Lifecam provides HD video and high clarity voice with Microsoft Teams. Great for working remotely.
If your business does have an IP phone system, you need to explore staff having an IP phone at home, or, installing a phone system client on their mobile or PC.
If you don’t have a phone system that can quickly (or cost-effectively) extend outside of your organization, there are alternatives:
- Subscribe to Microsoft Teams and add the phone system features. This will give each staff member a DID that your real DID can be diverted to. Teams also support video and chat. Take a look at Enterprise video conferencing with Microsoft Teams (for less than $1k)
- Subscribe to a hosted or cloud phone system with DIDs, then divert your real DID to your temporary number.
Calls between staff members are free, and in both cases – call recording and compliance features mean you retain control and visibility (whether for compliance, privacy or productivity reasons).
If your staff members have laptops with webcams, or if your business is willing to purchase webcams – then video is an excellent option for working remotely. Microsoft Teams has native video support, and with a couple of clicks, staff can video conferencing each other, or entire groups. Support for groups makes it possible to emulate team meetings remotely, with no added cost. Webcams such as the Microsoft Lifecam cost less than $100
Intranet and Business Social Networks
Depending on your business, collaboration may be a crucial part of your organisation operates. Keeping staff informed and up to date with developments when they are working remotely should form part of your planning. Intranets were a standard tool to promote communication in a business (i.e. Sharepoint is an excellent tool for this). Many other organisations (80% of Fortune 500) choose to use business social media platforms such as Yammer. Yammer is included as part of Office 365, and it is a tool we would recommend if your business is embarking on this journey.
Microsoft Office 365 subscriptions allow you to install apps on up to 5 x devices. Great for enabling allowing your staff to use them, without additional cost.
Chances are, your business will be using Microsoft Office. If your company uses Office 365 – then you have several additional options at your disposal:
- Office 365 subscriptions may include Office on 5 x different devices. These devices may include your work PCs, staff PCs and mobile devices.
- Office 365 includes Sharepoint – which can act as a central documentary repository for business documents. The use of Sharepoint as a cloud repository gives range to a whole host of options.
Security when working remotely
If you choose to facilitate remote working, you should not (under any circumstances) look to compromise or jeopardise the cybersecurity or integrity of your business.
You must consider:
- Data protection, privacy and GDPR issues.
- The integrity and security posture of devices accessing your network. Systems accessing the workplace must have the same, or better, controls and protections than those already in use (i.e. Endpoint protection, MDM, etc.).
- If you permit remote access, enforce strict remote-access policies that use two-factor-authentication and Geo-IP restrictions (i.e. if your staff are in the US, don’t allow remote access from outside the US!)
- Make sure your systems have audit, compliance and access logging enabled.
- Review logs and remote access sessions, investigate any anomalies.
- Operate based on least privilege. If staff only need access to one app or server, focus on that. If your teams are based in the US, only allow access from the US.
You may opt to use technology such as Microsoft Intune to secure devices or Azure Active Directory to control access control, admissions and policy enforcement.
How much will remote working cost?
It depends… Of course there will be a cost or investment in the time to enable remote working for your business. Costs may include:
- Hardware purchases (i.e. Firewalls, Laptops or Desktops)
- This may consist of desktops or servers
- Software purchases/subscriptions (i.e. Office 365, Remote Access Software, 2FA)
- License costs (i.e. Capabilities, user licensing, feature unlocks)
- Consultancy and labour (i.e. IT firms to implement, advise)
- Other expenses (i.e. Insurance, staff cost contributions).
There is good news! – with the use of cloud tech, it is very possible to pay on a monthly basis. Whether for a DR scenario or Coronavirus, this means your business only pays for the resource it uses, and while it uses it. Cloud subscriptions are typically open based so this may avoid significant upfront purchases or assets on your books.
Teams is an amazing tool that enables remote-working, video and audio, screen sharing and collaboration
With so many different kinds of tech and options available to enable remote working – it can be overwhelming. If the coronavirus situation continues to develops, working remotely will be a valuable tool for any modern business.
Whatever your views on the Coronavirus – this has prompted many companies to explore remote working, or reevaluate their BCP/DR planning.
While it is considered best practice to have a DR/BCP plan in place, we do recognize that many organizations may not have implemented/maintained a DR (disaster recovery) plan, or fully explored the idea of remote working.
- We absolutely recommend that you read through these options, discuss them with your IT team/IT provider and your colleagues.
- Technology and cloud services seriously enhance the ease and simplicity of working remotely. With flexible monthly subscriptions, cloud is a flexible and fees-able option.
- Your Company may already have the potential and tools at its disposal to allow remote working – you may just need to configure it and have the security-enhanced.
- Along with technical controls; consider items such as policies, controls, guidelines and instructions.
- Think strongly about any regulatory, privacy, security, insurance or compliance implications (outside the scope of this article).
If your company would like assistance or guidance related to working remotely or wants to understand its options, please call us to discuss with our sales team. Call 937-291-9900, e-mail firstname.lastname@example.org or click ‘Schedule Now’ on our website. 🙂