Securing Remote Locations in 3 Steps

April 20, 2011 - 0 Comments

VPNs, protected devices, and secure wireless LANs are keys to successful remote security.

Everyone understands how important it is to batten down the security hatches at company headquarters. But in the haste to protect the network and devices that store a small company’s critical business data and host its key applications, remote offices are sometimes forgotten. You need to make sure remote offices are equally secured, with an eye toward handling a few challenges specific to a location far from headquarters.

Any place someone works outside of your main facility can be considered a remote office, whether that’s an employee’s spare bedroom or a rented suite in a different state. All remote offices share a few security risks: a connection to your network via the public Internet; personal devices used for work, such as laptops; and the potential for unauthorized access to your company’s computing assets, both the equipment and the data stored on it.

Three steps to securing a remote office

The first step in securing a remote office is to install a VPN along with the same network defenses installed at your main location, including a firewall. Essentially, a VPN creates a private and secure tunnel for communications withyour company’s network through the open the public Internet; it encrypts the traffic travelling between remote users and your central network. All employees connecting to your network, whether from home or another building, should always gain access only through a VPN (just like mobile workers).

One easy, cost-effective way to install both a VPN and a firewall is to choose a router with both applications built in, such as the Cisco Small Business RV Series Routers. These devices, designed to safely connect small companies to the Internet, include not only a VPN and a firewall but also advanced encryption and authentication features to further protect a remote office with its own small network.

If you need more security features, you could instead use a security appliance, such as Cisco Small Business SA500 Series Security Appliances or the Cisco’s ASA 5500 Adaptive Security Appliances. In addition to providing a VPN and a firewall, security appliances deliver advanced security features, such as intrusion prevention, that may be appropriate for a remote office network.

The second step is to install the same security software on remote employees’ laptops that you use on PCs at the main office. This should include security software (antivirus and anti-spyware ) on even the devices employees own but use for work, such as smartphones and tablets like the iPad. Security software must be kept current for it to protect against the rising tide of new attacks, so configure it to update regularly and automatically.

The third step in securing remote offices is to prevent unauthorized users from accessing your private network and business data. This is very important in a shared location and often can happen through a wireless network—anyone near the wireless access point can jump onto your wireless LAN if it’s not locked down—or by simply sneaking through an unlocked door.  Make sure users can only access the wireless network if they’re authorized and have an undecipherable password. If you’re concerned about equipment theft,tampering, or wiretap connections such as in a shared wiring closet, you might consider installing an IP video surveillance camera that streams video in real time over the Internet.

What security challenges do you face at your remote offices?

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.