Nowadays, more and more business users work from home than ever. You save time by not having to commute that far from your home to the office and use that commute time to being more efficient by getting more things done at the office and/or spend more quality time with your family, spend more time take care of yourself to become healthier by going to the gym, or even put more time into work because you now have more time to do so.
There are some things that businesses must keep in mind when allowing their employees to work from home, and one of them is IT Security. Businesses have to make sure that the employees are communicating securely to the corporate office when they are working remotely (either from the employee’s home or from a coffee shop somewhere). One of the very first suggestions is to make sure that business users are connecting with a virtual provide network tunnel to the corporate office. This creates a virtual and encrypted tunnel from their remote home office or from any other remote location. After that, all communicates to the corporate office is encrypted and transferred securely through the tunnel. Corporate users can decide whether they want to allow split tunneling or not.
Split tunneling is a feature on the virtual private network (VPN) tunnel and a business decision to send all traffic (including the internet’s traffic) through the tunnel to the corporate office. This way, the users’ laptop is protected from accessing any insecure and unsafe internet site. The corporate may also have a way to monitor and protect that VPN tunnel’s traffic so that any if there is any viruses or malwares are detected, it will have a way to stop that from infecting the whole network. There is a downside to this however. The downside is that there will be a lot more traffic going through the corporate’s network. So, the company has to decide what is best in terms of priority.
If businesses decide to allow split tunneling for remote users working from home, it should make sure that the users’ laptop has some security application installed such as firewall, ant-virus and anti-malware application enabled to detect and block, drop or prevent malicious traffic from entering and infecting others. Several solutions exist for this and one method is to use the Cisco AMP for Endpoints.
Today’s corporate end gateway firewalls are a lot more sophisticated that they do some detection and policy checks when users connect to the office to make sure that the laptops have all the security features enabled and if not, the users’ laptop is prompted to install anything that the laptop needs to comply with the corporate security policy and standard. That way, there is no need to worry that the network is unprotected and insecure.