A “Realistic Solution” for SMEs working from home. Meet the guidelines with at an affordable cost.
(translated from Japanese interview)
There are several avenues to implement telework. However, small and medium-sized enterprises are limited in their ways in terms of cost and load. We will explore ways to operate efficiently at low cost going through the guidelines for working at home.
Major telework methods has hurdles such as cost
Security measures are obviously important in working remotely. COVID pandemic pressured companies to adapt to working at home, which made some companies vulnerable security-wise. Remote networks require different security measures than those taken in the office, often requiring additional property investments. For small and medium enterprises (SMEs), which have neither the time nor the budget, this is a high hurdle to overcome.
The Ministry of Internal Affairs and Communications released its “Telework Security Guidelines (5th Edition)” in May 2021, which provides a clue in the search for a realistic solution to implement secure remote network without incurring costs. The guideline explains the basics to consider in working remotely and evaluates the pros and cons of various telework methods. It is a useful material for selecting a remote working method that matches the circumstances of each company.
Over the seven methods discussed in the Telework Security Guidelines, the “stand-alone method” is the easiest for small and medium-sized companies to implement. According to the definition of the guidelines, “stand-alone” does not mean that the network is completely disconnected, but rather it is positioned as an environment that is just not connected to the office network.
The popular remote network methods are the “VPN method,” which uses a VPN to connect to the office, the “remote desktop method,” which uses a remote desktop to connect to a computer in the company, and the “VDI method,” which uses a virtual desktop (VDI).
However, all these methods require the infrastructure of a network environment, a relay server for remote desktops, and a VDI environment, and the cost of these systems are a hurdle.
These methods are heavily reliant to the performance and capacity of the equipment. If processing becomes slow due to low-specs, business operations may be hindered. In addition, since it is assumed that each computer is always connected to the network, it is greatly affected by the network environment of each employees.
“Stand-alone method” is a low hurdle implementation
The stand-alone method is good for small and medium-sized companies that have difficulty making large investments for remote network.
Normally, “stand-alone” refers to a computer that is disconnected to network, but the Telework Security Guidelines define it as “a method of teleworking without connecting to the company network. In other words, “copying data to a company’s computer when coming to office,” or “taking data home in some way and working on a personal computer. This way, teleworking can be started immediately without any new investment, making the most of existing properties.
However, it is difficult to expect a business environment these days without any Internet connection. There are online subscription services, such as e-mail services and groupware that are used for business purposes. “What we recommend is a stand-alone system that restricts access to the office network but allows the use of cloud services such as e-mail and message. If we were to add to the Ministry of Internal Affairs and Communications’ telework security guideline, we could call it an Internet-connected stand-alone method,” said Takashi Hagiwara, Director and Head of Software Development at Jasmy.
In this remote working method, which combines the pros of stand-alone and cloud services, security control is higher than in the only stand-alone method. Although, risks associated with taking data out of the office and measures against data breaching due to loss or theft of terminals must be considered separately.
Jasmy Secure PC solves this problem. They provide data breaching countermeasures and employee activity management by installing an exclusive agent on the computer. Mr. Hagiwara said, “By combining the stand-alone method with Jasmy Secure PC, we can increase scores for security controls and other aspects of the telework security guidelines. Specifically, the stand-alone method are rated ‘S’ in terms of ‘impact at the time of network concentration,’ ‘system implementation cost,’ and ‘system implementation workload’, and we believe it is also possible to achieve a B rating for ‘ease of security control’ and for ‘reproducibility of office operations’”.
“It would be more realistic to use a form that falls between the ‘cloud method,’ in which cloud services are used only for limited purposes, such as allowing the use of communication tools such as e-mail and chat rooms. With Jasmy Secure PC, you can check the activities of message tools, and so it is possible to check the status of communication and follow up separately as necessary,” says Hagiwara.
Work at home by stand-alone method + Jasmy Secure PC
Jasmy Secure PC strengthens security controls during work from home through the following three functions.
First, let’s look at “ghost drive”. This is an exclusive data area created when agent is installed. The area must meet certain conditions to access, such as being connected to a pre-registered network, so this prevents data breaching in case the computer gets stolen or lost. The administrator can also execute control commands to lock the employee’s computer.
“When an employee’s personal computer is used, data brought to home via USB or other means can be restricted to store only on the ghost drive. Access to ghost drive can be limited by time from a control command. Even if you’re sharing your computer with your family, don’t worry about your son or daughter viewing the data on the ghost drive during non-office hours,” says Hagiwara.
The “remote handling function” collectively manages information on the computers, in example the application status of OS patches, so it is possible to check whether the computers are being used in good conditions during working remotely.
The “drive recorder function,” collects computer activity histories, manages and protects them in blockchain. Unauthorized operations are also recorded, making it possible to investigate the cause of data breaching, and having a significant deterrent effect on unauthorized operations.
“You don’t want to spend a lot of money for additional security when the stand-alone method was chosen to reduce costs. Jasmy Secure PC has no initial cost, and the fully-featured, subscription version of Agent Pro costs 440 yen/month (including tax) per unit, while the Manager, which remotely checks the status of the user’s computer, costs 2,640 yen/month (including tax) per ID,” says Hagiwara.
The combination of a stand-alone method and Jasmy Secure PC is a good solution for working remotely in companies with limited human resources and difficulties making large investments.
Note that although the stand-alone method doesn’t assume connection to office network, users may use Internet in accordance with Ministry of Internal Affairs and Communications guidelines. Therefore, anti-virus and other precautionary measures will be required.
“Jasmy Secure PC can reinforce security controls, but this is not complete. If you are connected to internet from home, there is still a risk of virus infection, so please use computer antivirus measures and preventive measures in addition,” says Hagiwara.
Solving “communication problems” during working home home
During working from home, managers and their team can’t see each other what they are doing, thus communication problems such as “not being able to ask questions easily,” “not knowing what is going on around you,” and “difficulty understanding if the load is balanced” are sometimes pointed out. Jasmy Secure PC can help you on this point as well.
“When employees are in the same office, they can easily talk with each other and share problems casually. However, this is not the case when working from home, and they may feel bigger stress. Managers need to check the workload of their team and follow up. By using Jasmy Secure PC’s drive recorder function, this should be easier,” says Hagiwara.
Watch out! Data breaching risks are larger than you imagine
Many confidential information is contained in data that employees touch during their daily work, such as design architecture and transaction data. IT professionals need to be vigilant against targeted attacks, ransomware, as well as unauthorized removal of data. There have been several cases in which Japanese companies have been sued billions of yen as a result of data breaching.
According to the “Handbook for Protection of Confidential Information — Toward Enhancing Corporate Value” published by the Ministry of Economy, Trade and Industry, there are five countermeasures: “controlling access,” “making it difficult to take out,” “ensuring visibility,” “improving awareness of confidential information,” and “maintaining and improving trust. “
Jasmy Secure PC can control access to confidential data using ghost drives and management commands and can also monitor suspicious actions such as taking out the data. In addition to visibility, both employees and administrators can ensure that they are aware of information management as an organization. In addition, since communication is also promoted based on the visualized information, it may be effective as a countermeasure against data breaching.
Security measures are becoming increasingly important as working remotely and cloud computing are becoming popular. For companies that have difficulty implementing large-scale IT products, it’s worth to start small.