Remote work & WFH Policies: FAQs Answered

Manuel Reischl Head of Customer IT Support @ GlobalDots
3 Min read

We were recently approached by the press to provide some policy guidelines for companies adopting the hybrid or 100%-remote model.

Truth be told, GlobalDots’ legacy of remote work dates back to the surge of Skype. Yes, we’ve been working remotely for quite a while, so for us, the Pandemic didn’t change much.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

It is this time-honored tradition which makes us pursue the easiest, most effective way to secure the distributed organization: For our clients, as well as for our own assets. And today, we believe, this comes down to a single trending term: Zero Trust Access.

These guidelines below will inspire you where to start your own Zero Trust journey.

What is a proper remote work policy in 2022?

All remote users should be given Zero Trust network access (no VPN) with enforced and adaptive MFA for application access. An additional VPN should be provided to be used on non-secure wifi domains.

What should I allow employees to do with their own devices?

Only web access should be allowed from BYODs. This means no email is downloaded locally, and apps must be consumed via a Zero Trust web portal.

How should I treat traffic from risk areas, like China?

Remote access should be restricted to countries from which you expect traffic (i.e. where we have employees and/or locations they travel to/from). Other countries are blacklisted from remote access. Adaptive MFA ensures users location is tracked, so if a user is tracked in Germany, then 10 minutes later tries to access from Russia, then higher authentication protocols will be required (as travelling this distance in this time is impossible)

What is a proper security policy when employees travel for work?

Travel devices are not necessary, if all resources employees consume are either SaaS and/or provided through a Zero Trust access portal. All devices are treated equally, i.e. untrusted!

Employees should be instructed never to connect to open, unsecure wireless networks. However, in such cases where it is the only option, enforce using secure VPN for all traffic. Example would be a coffee shop wifi that’s open with no password: in this case users will connect to the wifi first, then connect to a secured VPN to tunnel all requests outside of prying eyes.

How do you get security clearance for WFH workforce?

Basic training on do’s and don’ts of remote work must be given to all new starters as part of employee onboarding. The IT department will sign these off and then remote work can be allowed.

How to audit compliance by your employee?

For any action that would put company data at risk, ensure systems do not allow non-compliant behavior. For other activities, make sure to have Zero Trust access logs and audit trails. User web access to social and gambling sites (for example) can generally be allowed, but log data should be available if ‘fair usage’ policy is not adhered to.

Adopt Zero Trust Today

Your Zero Trust journey doesn’t have to be lengthy. At GlobalDots, we have unrivaled access to the latest technologies, and implementation expertise to get your defenses up and running the same day.

Leave a message for a commitment-free consultancy!

Latest Articles

On-Demand Webinar: CISO’s Roadmap to Cloud Security Excellence

Today’s CISOs face a daunting array of security threats. From ransomware and cloud misconfigurations to zero-day exploits and code vulnerabilities, the stakes have never been higher. Join our cloud security expert engineers for an enlightening webinar that delves deep into the state of cloud security in 2023. Learn about the best tools and practices that […]

GlobalDots
18th June, 2023
The fastest Zero Trust browsing & app access service

Welcome to our Solution Brief on Zero Trust, the future of cybersecurity. Our expert team at GlobalDots has prepared this to help you understand the key components of Zero Trust, and its role in securing modern business applications and data. Our Zero Trust solution covers all the critical components of ZTNA, including VPN replacement and […]

GlobalDots
9th March, 2023
How to Keep Hackers Out of Your Distributed Environment

New normal, new challenges One of the outcomes of COVID-19 has been our newfound openness to remote work. According to a recent PwC survey, 41% of workers would now prefer their workdays to be fully remote, compared with 29% in January 2021, signaling the desire to work remotely is only ramping up. For cybersecurity teams, this new reality brings […]

Manuel Reischl Head of Customer IT Support @ GlobalDots
19th December, 2021
Adapting Security to Work Anywhere

“Working from home 2021″ marks a massive shift away from common workspaces in response to the global pandemic. There is no more working remotely or working from home, there is just working. The axiom, “work is what you do, not where you go” has never before been so true. The possibility for the workforce to be location independent […]

GlobalDots
31st May, 2021

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

Unlock Your Cloud Potential