remote office (elenabsl/


How-to guide for securing work-from-home data

While some states have been granted what many view as a temporary reprieve from massive growth in new COVID-19 cases before a potential second wave in the fall, others already are seeing more cases and hospitalizations, describing it as having transitioned from “success to disaster.”

Consequently, both the public and private sectors are navigating the pros and cons of what may become an enduring paradigm: work from home (WFH) in complete or hybrid scenarios.

Certainly, for employees, one benefit includes the ability to maintain control over their schedule and enjoy a bit of flexibility, which can be decidedly welcome, especially for those with family, friends and/or pets as their new officemates. Employers benefit as well, as virtual working has been proven to dramatically increase productivity. Prevailing research demonstrates that remote employees do three additional weeks of work per year.

Working from home also offers health and safety benefits, but when it comes to data safety, it’s a much different story.

Whether an agency has rolled out a full WFH setup or is considering various hybrid virtual-work scenarios that include a mix of office time with remote work, there are serious security considerations for IT managers. When agencies open the door for employees to access internal networks, they may unwittingly invite cybercriminals inside as well. So how can agencies provide access yet maintain fortress-like data security?

One option is a traditional (read: old school) solution: virtual private networks. VPNs are still the go-to solution in many government organizations -- but that’s based on their performance in an on-premise environment, not the current hybrid multicloud world. Today, with agencies preferring hybrid cloud environments that mix on-premise systems with multiple clouds both public and private, VPNs have serious issues. More IT settings mean greater risk of data exposure and security breaches.

WFH setups layer on even more security vulnerabilities, as remote employees have access to a slice of the network, exposing an unprotected attack surface. It isn’t being dramatic to say that WFH employees can unintentionally enable attacks and open the entire network to hackers who, having gained access, move laterally through connected systems. VPNs have other drawbacks as well. With each third party having different networking configurations, IT gets stuck managing a complex collection of VPN connections.

Software-defined perimeter solutions, however, can make these VPN security problems disappear by green-lighting connectivity to distributed apps and clients across multiple clouds, sites and domains. In a WFH environment, this is not just a nice to have but a necessity. The outcome is application-level access, eradicating VPN’s network-level access. SDP consequently averts lateral attacks in what is now a “secure by default” environment.

Bottom line for agencies moving to WFH setups: SDP solutions set intensive limits on those who are accessing government systems from home, preventing global access and instead allowing IT-approved access only to specific applications that a user requires. By removing the network attack surface, agencies can safeguard their data -- as well as their employees’ personal information -- creating security and goodwill throughout all levels of the organization.

About the Author

Don Boxley, Jr. is a co-founder and CEO of DH2i.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected