I'm seeking advice on how to set up a secure work-from-home solution for our team. We currently use Active Directory on our server with specific policies that restrict what certain employees can do when they're in the office. We want to enable staff to work from home, but I'm concerned about security risks, such as them downloading potentially harmful files that could affect our server. Additionally, we want to prevent them from copying sensitive data to personal emails, even though I'm hopeful that this won't be an issue.
I'm considering an always-on VPN that connects automatically when users log into their accounts, which would ensure they can only access their PCs while connected to our server. I've noticed that Windows offers this feature for enterprise users, and NordLayer seems to provide a similar option.
Is this the best approach? If not, what do you recommend for a small company like ours to ensure both a good user experience and strong security? Thanks!
3 Answers
Many companies are moving towards TailScale for remote work solutions, especially if you have a sizable number of users like us. Zscaler is another great option utilized by larger corporations to enhance security.
To really enforce security, it's crucial that employees use company devices. You can limit access by disabling certain default features and managing user permissions effectively. This way, you can control what they can access when working from home.
Good point. We’ve just provided new laptops for everyone, and they’re set up not to save files in specific areas. In the office, employees can't save documents to personal folders, which helps with data security.
In my company, we use WireGuard, which is great for remote users. It keeps internal server traffic secure without exposing them to the internet. Just keep in mind that it might not completely protect against document access when users are logged in.
Thanks for the info! I'll look into WireGuard as well.
Thank you! I’ll definitely check out both options.