During COVID-19 pandemic, organizations should use best practices to ensure remote secure access for employees at home.
This weekend we received the email that we had been expecting — Cradlepoint was asking all of its worldwide employees to work from home to support the need for social distancing, in response to the COVID-19 pandemic. As a tech company — not to mention a networking company — we were well equipped to do this. Even so, it wasn’t without its challenges. While most of us have laptops and home Internet, there were concerns about maintaining security and manageability with the sudden growth in remote users. And those employees with families all at home at the same time, trying to do schoolwork and entertain themselves on the same Internet connection, faced special challenges around bandwidth demand and setting up remote secure access to the network.
Many of our customers are dealing with this same situation and have asked us whether and how they can use their Cradlepoint solutions to support remote workers. Here is a short list of best practices.
- To simplify security, consider putting all traffic on a VPN from the router to the data center, and funneling that traffic through security services in the data center. This will maintain consistency with existing in-office policies. This is especially important if using the Cradlepoint NetCloud Essentials for IBR600C for a work-at-home solution, as it doesn’t support threat protection or content filtering on the router.
- It is possible to build a Wi-Fi policy that can limit which MAC addresses can connect to a given SSID. This can be used to limit access to the Cradlepoint edge router to only corporate assets such as company laptops or phones.
- If there is interest in maintaining visibility into the applications used at home, it is possible to turn on application visibility with a NetCloud Advanced package, although this can reduce the maximum throughput on an edge router. This is recommended with Cradlepoint NetCloud Essentials plus Advanced for AER1600 or AER2200.
- Content filtering, also available with a NetCloud Advanced package, can limit which websites can be accessed to maintain remote secure access. This can help prevent malware or viruses from being installed on company assets.
- For small deployments with fewer than 50 locations, Auto VPN allows very fast setup of secure connectivity between those endpoints and a Cradlepoint endpoint used for VPN termination such as the CR4250 or Cradlepoint Virtual Router.
- Cradlepoint’s software-defined networking technologies can help isolate and protect data, enabling you to separate corporate assets used at home, even when leveraging your home Internet connection for remote secure access.
- If you just want to provide more reliability to the at-home network, you can have the employee plug his or her DSL or cable link into a Cradlepoint router to be used for primary connectivity, with the wireless link used for burst or failover.
None of us know how long this new normal will last, but from our homes to yours, here’s wishing everyone stays safe, healthy, and secure.
Also, you can learn more about how to provide your employees with highly reliable, centrally managed network solutions for remote work in this solution brief.