Consider a basic network for a classic “small” company.
When the laptop or phone at the bottom come out (as when work is not on premise), everything falls apart. Identity won’t work. Access to files won’t work. Access to internal systems won’t work. In short, in a classic pre-cloud IT model without an explicit VPN strategy, many things don’t work.
A More Realistic Company Network
Most companies have more of a hybrid network.
In this network:
The Apps / Servicse in the lower right are still accessible (presumably SaaSSaaS stands for Software as a Service, which is a cloud computing model that delivers software applications over the internet as a subscription-based service. With SaaS, users can access software applications and data from anywhere with an internet connection, without the need for on-premise installation or maintenance. SaaS providers manage the infrastructure, security, and maintenance of the software application, freeing users from the burden of software updates, patches, and backups. based services)
The work in the cloud (AWS) is still accessible. Developers and IT admins can reach it. Though the VPN based “peering” is no longer very useful.
HQ is basically hard to reach without VPN
Corp Data is hard to reach without VPN
Security tools running in HQ or CorpData don’t see regular user traffic
Tools That May Not Work
Some tools we put in place for security, simply will not work the same way without adaptation.
Identity (Active Directory)
Intrusion Detection (IDSIDS (Intrusion Detection System) is a cybersecurity technology that monitors network traffic and systems for signs of malicious activity. IDS solutions use various techniques such as signature-based detection, anomaly detection, and behavioral analysis to identify patterns of unauthorized or unusual behavior.)
Data Loss Prevention (DLP)
Patching
Group Policy
Antivirus
Enterprise Hosted Anything
Strategy
Building a VPN now to restore connectivity to specific internal systems may solve certain problems. It will come with oversight and will not get you back to where you started in terms of the corp network and full connectivity.
Its a little late to start talking about business continuity strategy, but anywhere that it is possible to leverage cloud based services using a shared identify (SSO) system is going to be the most resilient to specific cloud or network issues.
Therefore, we advocate that companies bite the bullet and use cloud based resources wherever possible.
Near Term
VPN - If you can, offer this as widely as possible
Immediate Security Guide - Write down what you expect (See checklist)
Support Channel - Your users will need help
Communications (Standardize on Zoom/Slack, etc.)
File Sharing (Standardize on OneDrive/Dropbox/etc.)
Identify business processes
Medium Term
Prioritize business processes
Cloud alternatives
Start & adapt monitoring
Nail down patching (Auto updates)
Review investments
Is support working?
Long Term
Cloud based services
Operationalize monitoring
Playbook for support
Conclusion
It is time to quickly embrace the cloud and SaaS based services.
We use cookies to ensure that we give you the best experience on our website. By clicking "ok" you are consenting to our use of cookies.OkNoPrivacy policy
