My phone has been buzzing with news alerts on COVID-19: the current number of cases, the best handwashing techniques and the latest on flight cancellations. As the outbreak continues to grow, I’ve started to hear of large, global organizations asking their employees to work from home. Google has asked all North American employees to work from home as a precaution. Facebook and Amazon recommended that staff in their Seattle offices work from home until the end of March after employees from both firms tested positive for the coronavirus.
Up until now, these stories seemed to take place far away from me. They didn’t have any impact on my daily life. But now, unexpectedly, I have joined the millions of people who have started to work from home due to the coronavirus. I’ve traded in my desk in Ping Identity’s Austin office, surrounded by my colleagues, for my kitchen table, with my dog and cat as officemates.
The cat tries to help, but the dog prefers to sleep on the couch.
The Complete Guide to Remote Work Success
I’ve never worked from home for longer than a day, so I got nervous about how I would handle this change. As a typical millennial, I did a quick Google search for tips and tricks on how to be successful working remotely. And no surprise, news organizations have done a fantastic job releasing remote work how-to guides to help employees who are suddenly required to work from the confines of their home. Most of these guides focus on time management techniques, communication methods and how to keep a good work/life balance:
Create a designated working space in your home.
Maintain a good level of communication with colleagues using video calling and instant messaging.
Don’t wear PJs; get dressed for work.
Don’t forget anything on your desk that you might need.
I failed on that last piece of advice—I forgot to bring my large second monitor home from the office. Now I’m writing this blog on a 13-inch laptop screen. The horror!
But it’s actually not that bad. I’m a few days into my working-from-home stint and I’ve realized my second monitor is the only thing that’s missing from how I would do work at the office. I have access to all the applications and data that I need to get my job done. I do rely more on video conferencing and instant messaging, but I’m still well connected with my team. The shift from office to home hasn’t diminished my productivity at all.
The Key to Working Remotely and Staying Productive
All of those how-to guides have forgotten one necessity of working remotely—access to all the digital tools and information we need to get our jobs done. We don’t do anything on paper anymore; we’re bound to our computers and the resources we use on a daily basis. If you don’t have access to the VPN, your data or your applications, particularly apps that keep you connected with your team via video or chat, your remote experience is going to be very difficult. Employers should have IT systems in place to ensure that we can securely access applications, data and APIs outside of the office.
The Ideal Work-from-home Experience: Productive and Secure
Our IT teams all around the world are facing a difficult task trying to balance optimizing our productivity and securing valuable resources. Getting this right means giving employees a frictionless experience and easy access to their authorized resources while simultaneously ensuring that each resource has the right level of protection. Let’s take a look at the access security required for employees like me to have a great work-from-home experience.
Access Beyond the Network Perimeter
Historically, organizations secured resources by only allowing access when an employee was on the corporate network. As more employees began to work remotely, VPNs were put in place to provide them with access to all company resources. This is a good starting point for remote access, but organizations need to be careful that employees aren’t gaining access to resources they don’t need. Organizations today are adopting Zero Trust strategies where no network traffic is trusted and access is granted only with authentication.
Employers need to implement centralized authentication services with single sign-on (SSO) and multi-factor authentication (MFA) to control how employees access every application. By removing silos and requiring a single password for all digital resources, centralized authentication services allow employees to easily and securely access the applications they need.
Limit the Need for Passwords
We all hate passwords. They’re easily forgettable, have complicated rules and constantly change. You might even have a post-it on your desk that lists all your passwords. And what’s worse, passwords just aren’t very secure.
Organizations should require MFA when remote employees are accessing resources, particularly high-value or high-risk applications or data. They can combine multiple authentication factors together, such as a password, fingerprint and Yubikey, to ensure that resources are protected without disrupting our workflow. By leveraging stronger authentication factors, organizations can even become passwordless, meaning a user could use a fingerprint, token or authenticator app as the primary factor for authentication, rather than a password.
Protect Every Resource with Intelligence
To get our work done, we don’t just need access to applications. Data and APIs are resources we use on a daily basis to accomplish tasks, so we still need to access them while at home. By applying centralized authentication services and comprehensive access security, employers can ensure that every resource down to the API and data layer is accessible, yet protected.
But as the number of remote employees and resources accessed increases, it becomes more difficult to detect all threats against applications, APIs and data. This is where intelligence can give an organization an advantage in determining which users should have access as environments change. For example, evaluating risk scores based on location and user behavior can help determine if step-up authentication is needed, and machine learning can help an organization understand typical API traffic behavior to block abnormal behavior that could be a threat.
Ping Identity provides workforce identity solutions to enable the productivity of the largest enterprises’ remote workforces. For example, the Gates Corporation implemented Ping to enable enterprise-wide SSO, so all their employees have secure access to resources no matter where they’re working from.
So far, my experience working remotely has been smooth and hasn’t disrupted my ability to get my job done. I have everything I need to be productive while I work at my kitchen table with my dog and cat by my side.