How to address the security needs of your remote users? Working from home (WFH) has become the new normal for a huge section of the global workforce, and is expected to continue even as some teams return to the office following the COVID-19 pandemic. Most companies have by now figured out how to enable remote network access, ensuring that employees can connect back to the information, applications, and assets they need to do their work. And like so many others, I now work from my home office meeting remotely with customers and coworkers, working on projects, and going about my usual business.
Meeting the Needs of Super Users
Because of the nature of my job – the numbers of people that I need to support, the large number of daily interactions with customers, my need to access large volumes of often confidential data, and the need to be constantly running bandwidth-hungry applications and services – I quickly outpaced the functionality provided by most traditional VPN connections.
While I don’t much care for the name, I fall into a category of remote workers known as Super Users that have specific challenges keeping up in this new WFH paradigm. Super Users are those with elevated credentials or access to critical business information, meaning that the security of their work activities should be a top priority for businesses.
Every organization has them. Whether they are executives, technical support managers, or data processors, these remote users all have one thing in common: they need faster, more reliable, and more secure access to a wide variety of resources, including applications, data, and other services, than your other workers.
Remote access solutions for these Super Users need to address two key issues. First, they need to provide the highest levels of security due to the sensitive nature of their jobs and the data they have access to. And second, they must provide the best possible user experience for employees even though they require more consistent and powerful connectivity to the cloud and to assets in the office. In my case, among other requirements, that means I need to be able to have a clean, uninterrupted teleconference with executives at a key customer, and even share my screen, without there ever being a hint of congestion or application lag or delay.
Facilitating Remote Network Access with SD-WAN
SD-WAN fits the bill perfectly when it comes to user experience. It provides bandwidth management, application steering, and connectivity optimization to ensure clean connections even over the public internet. And for some SD-WAN solutions, it can also provide fully integrated security to ensure that confidential or sensitive information remains private and secure. Users of SD-WAN solutions can run resource-intensive applications like streaming video, engage in screen sharing during teleconferences, use a softphone with full access to corporate directories combined with voice and data encryption, and even perform data processing without compromising the user experience.
For those CISOs worrying about how senior managers are going to be able to securely access sensitive information from their home networks, a home SD-WAN/NGFW solution is ideal. While VPNs may provide base protection, the ideal approach is to put those employees behind a firewall for the best possible security. But only if it is affordable and manageable to do so.
For Networking VPs wanting to ensure that their distributed workforce – including their Super Users – has reliable connectivity with sufficient bandwidth to do the job, a home SD-WAN solution meets all of their criteria.
Secure SD-WAN for Remote Users
The challenge here is that most SD-WAN solutions were not designed for the home office. Their size can make them unwieldy, deploying them can require a significant level of technical skill, and they are not priced for individual use. And even more challenging, few of them provide adequate security to ensure that critical applications, workflows, and transactions are properly secured.
In my case, I have installed a desktop version of our FortiGate appliance that includes SD-WAN in my home office. Because of its remote provisioning, it was a simple matter of plugging in some cords and the FortiGate then called home to get its configuration. It also includes a next-generation firewall running the exact same OS as on enterprise boxes for a full stack of protection, but in a form factor that can be deployed remotely without an on-site technician. And in my case, it has also been combined with a WiFi solution to provide secure wireless connectivity as part of the solution, freeing me up to move around my house while remaining connected.
By leveraging the built-in SD-WAN capabilities built into the FortiGate solution I have here in my home office, I have seen a significant improvement in my user experience with remote applications. And even better, when my home network bandwidth is being consumed by someone streaming movies or playing online games, its supplemental LTE connection can automatically increase capacity and reliability when more bandwidth is required.
The World is Changing. Is Your Organization Ready?
SD-WAN, and the latest entrant to the digital innovation portfolio, secure access service edge (SASE), are revolutionizing how and where organizations and users conduct business. Because of their ability to deliver robust access to all critical resources, including real-time face-to-face meetings with individuals or groups, the physical location of workers is now a matter of preference rather than necessity. Deployed the right way, these solutions also account for different user needs and levels of access and connectivity, whether for general users, power users, or super users.
Addressing this new reality requires an integrated, platform-based approach that can combine cloud-based resources with small, low-cost devices for dynamic connectivity and a full stack of enterprise-grade security. Combining technology with opportunity is the definition of digital innovation. And now, even the most resource-intensive Super User can enjoy a true in-office work environment from home without compromising on security or user experience.