October 21, 2020

Volume X, Number 295


October 21, 2020

Subscribe to Latest Legal News and Analysis

October 20, 2020

Subscribe to Latest Legal News and Analysis

October 19, 2020

Subscribe to Latest Legal News and Analysis

Make Remote Access for Your Employees Safer & Quicker with Disciplined User Rights

During times of disruption as well as an unpredictable future, your organization’s focus on “the basics” regarding a fundamental remote access strategy and design is essential. The newly widespread remote working environment dictated by various states’ stay at home orders due to the Coronavirus pandemic, demand that successful organizations of tomorrow fully grasp the fundamentals of safe and remote access protocols and prepare for the elastic growth of a disciplined remote access initiative.  

The landscape of remote access is forever changed. Regardless of your organization’s existing hardware, software or network (WAN) and cloud design,  basic planning activities – which pave the runway for successful remote access – ensure your organization’s sustainability and enhance your competitiveness in a crowded marketplace. 

First and foremost, it’s recommended you audit your current infrastructure design – including a review of your hardware, software, infrastructure, bandwidth, security etc. Any high performing organization’s s remote access strategy should maintain SLAs (Service Level Agreements) or project deadlines and objectives with all internal users and exercise resiliency when confronted with the performance, compliance, and security demands needed to scale.

Three core strategic planning activities are highly recommended prior to, or in parallel with, an audit of your remote access posture: 

Clean Up Your Users 

Identity hygiene is a constant necessity of any organization to ensure its security stance and guarantee fluidity in the face of dynamic change. Legacy user account cleanup falls into this category, but the lesser practiced aspects of identity hygiene include organization unit restructuring and security group management. These components of a well-tuned identity management infrastructure represent the organizational layout of a business and mapping of processes to business roles which too often grow organically as companies mature. Complacency to organic growth has led many organizations to make drastic and costly decisions to start over rather than re-organize, in order to remove the cancer that has developed in their identity management infrastructure. 

Segment User Roles 

Likewise, segmenting roles is critical to identity hygiene. Most enterprises have adopted the bifurcation of administrator and personal accounts to ensure audit trails but considerably fewer have aligned security stance to personnel role. As tenure grows and roles change to meet the needs of the organization, new rights and responsibilities are created and added to those individuals with few taken away as the firm’s requirements change. Aligning roles to responsibilities, and more importantly permissions, assures audit compliance without complex explanations and eases transition should those trusted employees ultimately leave the company. 

Assign Least Access Rights to Segmented Roles 

Finally, the selection of rights assigned to those segmented roles solidifies a corporate identity management strategy. Whether assigned through a workflow engine or maintained through formalized manual processes, assuring least access aligned to each role eliminates the organic growth of unnecessary permissions or access to no longer appropriate applications. This last part is a key facet of a comprehensive strategy that many organizations – including large enterprises – develop complacency around. And the removal of access is no longer strictly necessary. It is too easy to allow excuses that support and even justify this laxity but it’s this very lassitude for least access which opens doors to ransomware propagation, disgruntled and disaffected IT administrators and glaring audit infractions. 

In summary, organizational resilience is steeped in discipline. Crisis management and the daily “X factor” can create havoc even with the best laid plans for systems maintenance. The ways in which your firm interacts with clients, partners, suppliers, and others will undoubtedly change with the heavy reliance on remote access capabilities. Those who grasp this concept now will be ahead of the game.

Remote access prowess is now an entry ticket to conducting business post-COVID-19 and absolutely can be viewed now as a true competitive differentiator. When organizations run with elephants there are only two types: 1/ the quick and 2/ the dead. Let’s encourage each other to be in the former category, rather than the latter.

© 2020 Plan B Technologies, Inc.. All Rights Reserved.National Law Review, Volume X, Number 105



About this Author

Donnie Downs Plan B Technologies IT Systems Integration
President and CEO

Donnie Downs has over 30 years of experience in the IT industry holding various positions in finance, sales management and marketing management. In 2001, Donnie founded Plan B Technologies, Inc. and under his leadership the company has steadily grown into an award-winning systems integration firm. 

Before entering the IT industry, Donnie received a BS in Political Science from Towson University. Shortly after, he was accepted into the U.S. Army Officer Candidate School in Ft. Benning, Ga. There he participated in a variety of leadership and curriculum programs.  

Donnie has ...

(301) 860-1006 
Scott Riser Plan B Technologies Data Management
Director Microsoft & Data Management Services 

Scott Riser is an experienced Microsoft and Data Management Specialist with a history of working in the information technology and services industry. Scott is a strong support professional skilled in NetApp Storage and Cloud solutions, Nutanix Architecture, Microsoft Azure and Office 365 Platforms, Commvault Backup and Recovery, Cohesity Data Management as well as Microsoft Enterprise Applications such as Active Directory, Exchange and SQL.  

Scott received his BS in Computer Science and Engineering from Bucknell University and has a MS in Information Technology Management from the University of Maryland. 

(301) 860-1006