Trying to simplify and secure the management of remote users is one of the most difficult challenges IT departments face. A very important part of this chore is dealing with the human element.
There are several human factors in trying to get a handle on remote users. First, know what users do, second know how they do it and finally know when they stop doing it. All three require you to have a close relationship with your business unit managers and human resources department.
While some companies have mastered this information for internal users, they are sorely lacking when it comes to remote users. Yet, if you look at most companies these days, they are mostly comprised of branch offices, small offices, mobile workers and telecommuters that are strewn around the globe.
Knowing what all users do is the foundation for automating processes that streamline purchasing, support and security. But you have to start with some upfront face-to-face work.
Who works where?
The first step is to sit down with your human resources team and figure out all the positions that exist in the company. For each job, you'll want to consider the necessary tools, including hardware, software and services, as well as what network access rights are required. For instance, a top-ranking financial officer will need a better laptop and access to more files than a marketing assistant, but his or her remote access might be restricted due to the sensitive nature of the data they use.
HR can help you map company standards regarding acceptable use of the network, and compliance mandates to your policies about purchasing and network access privileges. For instance, if there is a no-tolerance policy about mobile devices for finance officers because of the data risks, then you will not approve purchases for that type of equipment for the finance team. You'll also know to deny network access if someone from that department tries to attach an unauthorised device to the network.
Don't underestimate the importance of working with HR. Think of the critical knowledge HR has regarding the security of your network: It is the first to know who is new to the company and who has left it. Creating a line of communications with this department is critical to the success of your mission.
The next task is to know how users perform their jobs. This information should come from business unit managers. While the survey I mentioned in the previous column will help you start to glean this information, discussing this in person will give you a more comprehensive view of each person's role in the company.
What do they do?
Ask each unit manager to break down what each person does. This will give you insight as to what software, hardware and services you'll need to provide, as well as what level of support they'll expect. Also, discuss how upgrades and network improvements are usually carried out. For instance, does your virtual graphic design department usually wait until a large project is looming that will require around-the-clock workloads to update the entire team's graphic design software? Does the accounting team in a small office in Ohio usually run out of server space and capacity during the rush to deliver quarterly information to the home office? Knowing corporate workflow - especially knowing when remote access and other network needs will be greatest - will help you plan out your infrastructure, streamline efforts and reduce overall network expenses.
Finally, determine when users stop doing their jobs. I'm always amazed when I hear that IT is the last to know when a user leaves a job or changes position. This is one of the greatest security risks that exist in the networking world. If IT doesn't know that a person is no longer with the company, it can't change the settings that would block access to the network.
This is where your relationship with HR and business unit managers comes in handy. Develop an automated form that both groups can access from anywhere that immediately alerts you to hirings, firings and changes in position. This information should bubble up to the top of whatever IT is working on at the time and take precedent over all other projects.
For instance, if someone in accounting decides to take a job with the sales team, he should immediately have his access to company financials revoked. Or if a user with a corporate mobile device is let go, you'll know to remotely erase data off that device.
Knowledge is a powerful tool. The insight you will gain from meeting face-to-face with your colleagues is sure to improve your ability to protect the network, as well as provide remote users with the appropriate tools to do their jobs.