Categories
Digital Workspace

Organisation of Year One A.C (After Covid19)

The Organisation of Year One A.C (After Covid19)

Credit to : Koh Ching Lan
Head of EUC, Net One Asia Pte Ltd

The Age Of The New Normal 

In this time of Post-COVID, many of us are thrusted into navigating the many changes that this pandemic has brought to the world. The challenges which the corporate organisations and businesses faced will no doubt evolved and their leadership roles will need to review the corporate responses that effectively address them. 

Eventually, we will be entering into the period of After COVID (A.C.) How will your organisation look like during thenWhat we want to drive out of this event is the impetus to accelerate digitalisation of businesses and the way people work, in addition to how businesses will be conducted remotely and digitally.     

Having IT to take the initial steps in respond to meet the demands of working from home during the lockdown period, is the norm during the beginning. Now, what will be your next steps to better support this new normal way of working (nWOW). 

Perhaps a rethinking process is in place to review the what’s next question so to better prepare and emerge from this trial into a more digitalised organisation. It is going to start right now in your workspace! 

 

Rethinking Remote Access  

Working remotely means that your organisation’s IT needs to provide a remote connection to allow users access into your corporate internal resources. Sound simple enough and the most common approach which fits such requirement is to utilise virtual private networks (VPN). However, if this be your mainstay for remote access. There will be a need to rethink how to enhance if not maintain performance, manageability, and security posture.  

Common challenges arises from just relying on full VPN for remote access: 

  • Network performance latency due to increase of VPN access connection consuming corporate network bandwidth.      
  • End User experiences degradation in situation of failed VPN connection due to latency, issue with VPN clients installed in End Point devices. 
  • Security control in relation to devices especially for external vendors who needs to access corporate resources that mainly are not managed by corporate IT. And difficulty in managing variant policies to control access.  

Let’s make one thing clear 

This is not to say that having full VPN for remote access is wrong, rather to imply that relying just on this method can limit your ability to respond adequately to service the new changes or demands as businesses evolved into a more digitalised environment.  

Digital Innovation a need or want? 

This new normal will not primarily occurs within the internal corporate network only. A significant portion will be from external as well as business applications and data that is increasingly resides out of organisation premises. 

A rethink process is in order on how to unify a diverse need in terms of devices, variant types of applications, residency of data for collaboration and secure control of access from external internet traffic.  

The time to innovate never bears such urgency to innovate the traditional work methods into a new workstyle.   

VMware Workspace One – UAG Edge Multi-Services Hub 

Unify at Proxy delivering multi-edge services 

Proxy services in the DMZ that provides connections inside organisation trusted network is the de facto set-up. The importance of this services accentuates even further as more connections is coming from remote. Utilizing VMware Workspace One – UAG technology. This becomes your unified platform for multiple edge services to provide secure access to your corporate resources. Such approach unlocked the limitation in terms of siloed services and enables you to have the flexibility to provide multiple services at the proxy edge.  

Net One Asia’s Work Style Innovation (WSI) practice looks at 3 key services capabilities to give you this “Edge” in providing the next normal access services.    

We will cover more about this in our next blog post Organisation of Year One AC Part II. 

Net One Asia Workspace as a Service is a intelligence driven digital workspace managed service platform that simply and securely delivers and manages any application and desktop on any device by integrating access control, application management, and multi-platform endpoint management.

Subscribe to Our Newsletter
* indicates required
Subscribe to Our Newsletter
* indicates required
Categories
Digital Workspace

Secure Your Virtual Desktop

Secure Your Virtual Desktops

Credit to : Junichi Atsumi
Security Team, 1st Applied Technology Department, Business Promotion Division - Net One Systems Japan

An evolution is now stirring up attention in all industries due to COVID19 where now working from home is the new way to work, and the ICT technology for this is “Virtual Desktop Infrastructure” (VDI). 

By providing VDI solutions and DaaS services , Net One is contributing to Work Style Innovation in terms of promoting VDI and other solutions.

Why is VDI so popular from the security aspect? 

The reason is that you can enjoy the following benefits. 

Why is VDI so popular from the security aspect? 

Although information security countermeasures are being put in place by the separation of Internet connection as well as the business system environment; as well as the automation of isolating any possible malware, however, the environment could still be rendered helpless to guard against the possible targeted attack and will be impossible to retrieve any confidential information inside any PCs, laptops or business units.  
 
As a result, many local government authorities have introduced VDI into the organization, in order to create a stronger security defense.

What are the VDI challenges? 

VDI is a modern technology that is expecteto promottelecommuting.  

Although VDI is used in various environments such as via the Internet and closed networks, but security must be considered as there are employees who will be accessing the network remotely from potentially insecure connections.   

Therefore, by properly implementing the right authentication process, which is part of the measures against unauthorized access, will it allow the VDI to enhance the efficiency and performance of telecommuting employees, in addition to strengthening the security in the deployed centralized location. 

What is “authentication”? How will it enhance VDI? 

VDI is also based on password authentication (to determine if the person is an employee or not). In a VDI environment that can be accessed via the Internet, additional authentication (multi-factor authentication) should be considered on the assumption that “passwords could be compromised.” 

Multi-factor authentication is an authentication method in which a computer user will only be granted access upon successfully present two or more pieces of evidence to an authentication mechanism such as a password together with a smartphone fingerprint or face identification. 

What is a recommended solution for VDI? 

Here, we will introduce VMware’s Horizon as an example of VDI solution. 

For Horizon, a server called “Unified Access Gateway” (UAG) that accepts VDI access from the Internet is placed in the “Demilitarized zone (DMZ). This UAG server is included in the Horizon license and uses the Linux OS that stopped unnecessary services, so you can safely place it in the DMZ. 

VDI authentication is controlled via the UAG server. It supports multi-factor authentication such as a device for one-time passwords and security certificates, a reasonable solution that can strengthen authentication at a low cost.

When implementing multi-factor authentication using smartphone, biometric recognitions, keycards etc through one-time password authentication or certificate authentication, a frequently asked question is, “How do we reduce the operational load?“.  

For example, in order to use one-time password authentication, one-time password products (servers) are required. Besides the system administrator endthe user side will also have to load the issued one-time password each time. Potential hacking towards the one-time password through the smartphone can also happen 

A safer method of leaving additional authentication (multi-factor authentication) to the cloud is derived.  

With push authentication, push notifications are delivered to smartphones. Authentication will be complete just by tapping the notification, so the load of keying a one-time password can be reduced. 

Net One Asia Workspace as a Service is a intelligence driven digital workspace managed service platform that simply and securely delivers and manages any application and desktop on any device by integrating access control, application management, and multi-platform endpoint management.

Subscribe to Our Newsletter
* indicates required
Subscribe to Our Newsletter
* indicates required