We are writing this blog to narrate how we designed a solution to simplify and secure work from home or remote working requirements of enterprises.
Work from Home, Remote Working, Application Virtualization, whatever we call it, it is the need of an hour. There are many solution providers to serve the purpose of remote working, to name a few, There are many solutions available in the market. To list a few, Tata Communications, Dell Technologies, Hexaware, Conduent, Mobigic, Redington, Symantec, Google Drive, AWS, Microsoft Azrure, Google Cloud, TeamViewer, AnyDesk and many more to follow. Some of them provide hardware to store and share data, some of them provide end point security to protect data leakage and theft, some to them provide cloud infrastructure or data center infrastructure, and some of them offer bandwidth.
Here is the complexity. An enterprise has to deal with many products to achieve secured remote computing or work from home or remote working solution such that data is available from anywhere, is protected from loss, leakage and theft, and should be cost effective. Many a times enterprise users use personal devices like laptop and desktop at home for enterprise work and also use it for personal purpose including being used by family members. Such BYOD (Bring Your Own Device) way to remote working makes it more complicated as enterprise wants to backup, safeguard and protect data on employee’s personal devices from loss, leakage and theft.
What can we do as a CTO to ensure data loss, leakage, and theft prevention for a WFH or remote user. There are multidimensional issues to deal with.
A. To make sure that Remote User or WFH Users’ data is automatically backed up and a report is generated on success or failure of the backup of remote user’s computer
B. The work from home WFH user accesses the data files like designs, drawings, documents, spreadsheets, costsheets, customer data, MIS reports remotely without compromising on data security.
Requirements expressed in point A has its own challenges. We can take backup of remote computer data using an endpoint like google drive, dropbox, Amazon S3, MS Azure client. The question is which data is to be backed up? How will this agent be able to segregate enterprise data from personal data? Another challenge is about the reality that user has complete control on such data backup end point clients. WFH or remote User can pause or stop the backup, can change the backup destination to personal one. Our design thinking process recognized these challenges while providing remote working to the work from home (WFH) users. So we designed a multipurpose end point agent BLACKbox which segregates enterprise profile and personal profile, then backs up data only on enterprise profile of the work from home (wFH) remote user. It also withdraws administrator privileges from the WFH remote user and does not allow user to manage, stop, or change the destination of the backup.
Requirements expressed in point B has its own challenges. Enterprises use anydesk, TeamViewer, RDP to access the confidential designs, drawings, documents, spreadsheets, costsheets, customer data, MIS reports to give access to WFH remote user. It may compromise the security. We have recognized this challenge and equipped BLACKbox hardware which can serve as a VPN server in addition to a file server and domain policy enforcement server. Not only that but also, we have added VPN client functionality in the same endpoint agent software which serves as backup agent also. So, same end point agent can double as backup agent as well as VPN client.
Requirements expressed in point C has its own challenges. Enterprises use Remote Desktop, Anydesk, TeamViewer to access legacy client-server applications like tally, SAP, HRMS, Payroll, customized operations management software, or ERP. To extend access of these applications to a WFH remote user, enterprise need to implement complex and expensive solutions like Citrix and few others. This may not be affordable to MSMEs. We have recognized this challenge in our design thinking and built BLACKbox AAA (Access Application Anywhere) which can extend access of these client – server applications over low bandwidth and in affordable way over VPN. Enterprise does not need an another terminal server and end point to get it done. It only needs BLACKbox AAA endpoint and the BLACKbox device.
Requirements expressed in point D has its own challenges. Enterprises give access of their data and applications to work from home (WFH) remote users. They are also worried about possibilities of data leakage by the users over USB, Email Attachment, Blind Carbon Copy, and the Internet. Our design thinking recognized these challenges. The BLACKbox agent can be used as an effective DLP tool to prevent data leakage and theft over remote computing by work from home (WFH) users. It can control USB of the remote user, enforce email policies, vigil email communication, and control Internet on remote users.
That’s it. The users can access the data folders from anywhere over secured VPN as per the permissions granted to them. They can share the data with other users and collaborate. You get huge storage pool for all users (instead of per user space). While users are working on enterprise data all the policies related to USB, Email Vigilance and Internet Usage are in action to prevent data leakage and theft and protect data from loss. The data is automatically backed up. If users accidentally or intentionally deletes the data, your business continuity is not affected. Data is backed up off premise to take care of protecting data from disaster. Your data is also maintained in our signature technology known as vault workspace which helps recover data after ransomware attack. Not only that but also, screen shots of enterprise sessions are automatically uploaded on BLACKbox, so you can monitor work from home productivity also.
Congratulations ! Your form is sumitted. You have chosen the Right Path