IT departments are under extreme pressure to roll out dynamic and scalable work-at-home environments as quickly as possible due to the COVID-19 pandemic. The timeline is “ASAP. Like yesterday” as Brian Madden and Shawn Bass humorously referred to in their recent article. But how do you provide WAH-ready endpoints for agents/employees “yesterday” without sacrificing security and control? The only way to achieve this is by using Secure Remote Worker on personal devices. In this post I will explain why this is.
Personal Devices vs Corporate Devices
Why might an IT department consider using personal devices when corporate devices can be pre-programmed with security policy, software and anything else the user might need? Well one obvious answer is the cost and in the current climate, the ability to purchase those devices can be limited(supply chains are increasing under pressure). When you also factor in logistical costs in terms of delivering them to the agent/employee, the time it takes to configure each one and the resources required to on-board each agent/employee with their new device, personal devices appear to have some advantages.
We can’t overlook, however, the obvious security risks, issue of control, and resources required to support multiple different personal devices which makes them less attractive. This is the very problem that we identified 2 years ago when we developed Secure Remote Worker (SRW) – a piece of software that addresses all of these issues to give you the best of both worlds – personal devices that are secure, that you manage and control and can be quickly rolled out.
So how does it do this?
Secure Remote Worker keeps things simple
At it’s base Secure Remote Worker is an application that can be installed on any Windows x64/86 type personal device. This application provides the agent/employee with the ability to launch a secure workspace that acts as an access point for all of their authorized resources. This enables them to work in a compliant and fully managed environment which they can log out of at any point and return to their own open device.
Secure and Compliant Endpoints
With Secure Remote Worker, end users on personal devices are provided a hardened thin client-like experience when active. When Secure Remote Worker is launched it blocks non-essential Windows OS features, including Windows Explorer, showing only employer authorized resources. These resources can be local or displayed via secure connections to existing VDI and DaaS infrastructure.
{% video_player “embed_player” overrideable=False, type=’scriptV4′, hide_playlist=True, viral_sharing=False, embed_button=False, autoplay=False, hidden_controls=False, loop=False, muted=False, full_width=False, width=’1920′, height=’1080′, player_id=’26082094312′, style=” %}
Secure Remote Worker also helps maintain compliance with all main data protection regulations (PCI/DSS, HIPAA, GDPR, etc.). With features including application execution prevention, USB blocking and an inbuilt write filter, data leakage in any form is nearly impossible.
Management and Control
Secure Remote Worker comes with the powerful ThinScale Management Platform. This management system allows the central deployment of software, device profiles and policy updates to agent machines.
Further, in order to assist with support and compliance, Secure Remote Worker includes central event reporting, central auditing and logging and device control options. The ThinScale Management Platform allows all this while also providing a simplified admin experience.
The management platform also allows you to check and sign off on device credentials and system health using the Validation Tool, in order to ensure security of the machines and to speed up on-boarding. The Validation Tool allows end users to run pre-configured tests (set by the IT team) on their personal devices before Secure Remote Worker is installed to make sure it meets the company’s requirements. The results of these tests are then sent right back to the ThinScale Management Console for the IT team to review. The Validation Tool can check everything from antivirus status, OS update status, and even if Secure Remote Worker is attempting to be installed on a virtual machine. All of this expedites the on-boarding process, ensuring the devices are fit for agent work.
Deploy in 10 minutes
As Secure Remote Worker is software based, it can literally be downloaded and installed by the end user in minutes. The Management Platform also allows IT administration to add more Secure Remote Worker devices on the fly, enabling fast and easy deployment. This makes it the perfect solution for companies looking to quickly add WAH endpoints.
Managing, maintaining and supporting your environment, regardless of the number of endpoints, is made easy with ThinScale’s Management Platform and its folder-based view and device reporting. You can also easily block and uninstall devices from the Management Platform in situations where rollback is required.
Simplified support
For IT, it is important to consider how hundreds and thousands of workers can be supported when they are fully distributed, especially as technical issues are seen as one of the key challenges faced by work at home employees. Secure Remote Worker allows two things that help to simplify and reduce support calls; the management console facilitates easier support as devices can quickly be monitored, restarted, unlocked or indeed any administrative function required can be performed remotely.
Additionally, Secure Remote Worker also opens up the ability for users to troubleshoot issues themselves. This self-service is a direct result of Secure Remote Worker’s framework which runs off the existing Windows OS and maintains the same hardware and network options that the end user would be used to using. This means IT need to spend less time troubleshooting why an end-user’s headset is not playing sound due to the end user themselves knowing how to troubleshoot their own device. Anything from changing the text scaling on monitors to editing mouse and keyboard settings can be carried out by the end user easily.
Quick and Easy On-boarding
Secure Remote Worker allows IT admins to centrally deploy policies, profiles and software to the end-user’s personal device which makes the technical aspects of on-boarding much easier and faster. Further, Secure Remote Worker itself can be configured to display whatever resources the administrator wants visible, helping to set user expectations and allowing them to quickly get to work using Secure Remote Worker. Additionally, as the end user is using their own device, which they are familiar with, less time is taken familiarizing the user with the device or ensuring the device is compatible with existing hardware such as printers.