Stop Shipping Laptops to Your Remote Workers & Contractors


Gene Villeneuve

Gene Villeneuve

Sep 28, 2020

·

6 min read time

Stop Shipping Laptops to Your Remote Workers & Contractors

According to Gartner research, one laptop is stolen every 53 seconds. And nearly 41% of all data breach events from 2005 through 2015 were caused by lost devices such as laptops, tablets and smartphones. What this research neglects to mention is that mobile device security developments have outpaced those of desktop operating systems, leaving laptops as a far greater source of risk than phones and tablets.

The result? U.S. organizations face the threat of a breach with an average cost of $3.86 million (according to IBM Security’s 2020 Cost of Data Breach Report). .

Shipping laptops is increasing your threat surface

With COVID-19 still posing a significant threat, it is likely that the majority of your workforce is still working from home and you have new staff members joining without ever stepping foot into a company building. This also means your IT teams are spending too much time organization the shipping of laptops to those new staff members.

And by simply shipping laptops to remote workers and third-party vendors, across the globe, you are opening your business up to unnecessary threat surfaces and security risks. Laptops can be stolen, lost, or compromised either within the shipping period or once in the hands of your new employee or  contractor. Moreover, shipping and customs procedures at international borders introduce additional complexity and administrative delays that lengthen the time before a project can actually begin.

Company-owned laptops in the hands of remote staff and service providers introduce other risks such as  malware intrusion from high risk end-user computing like web surfing or using public WiFi access points. VPNs provide some degree of protection from the risks of using uncontrolled and inadequately secured WiFI networks, but many VPN implementations provide insufficient protection against “man in the middle attacks”. And there remains a risk the laptop could contain viruses or malicious software obtained via high risk user behaviors. Once on the endpoint device, the malware will quickly penetrate into the corporate network via the VPN connection with inevitable consequences.

Shipping and customs delays aside, laptops are also at risk of being ‘lost’, stolen, or spied upon in countries with hostile nation-state cyber activity. Similar risks can be associated with any remote access solution that requires credential delivery using traditional email or other collaboration tools.

But an even bigger challenge for companies who distribute laptops to far-flung employees just might be keeping track of them all while ensuring their performance is up to speed, and keeping them secure. This requires a massive investment in time and IT resources – for starters, a live inventory of all company assets must be created and kept up to date. There are solutions that can help make this job easier for IT managers, such as auto-discovery placing physically trackable stickers on every asset, but these tools typically only tell half the story: You can’t tell what software is installed on the machine, what OS it’s running, or how often or when it’s being used.

Unfortunately, a large number of businesses who ship laptops to virtual employees end up with a lot of IT equipment scattered across different geographic regions, but very little insight on exactly where those assets are or what’s being done with them.

The cost of shipping a physical laptop to a contractor

The typical cost of buying, configuring, managing, and shipping laptops to consultants is around $3000 per laptop or per consultant, plus the ongoing costs of support and the costs of returning the laptop at the end of the project. In addition, there are costs that cannot be quantified but could be exponentially more expensive for loss of data, intellectual property, and reputational costs should a laptop be compromised, lost, or stolen. Shipping laptops also brings with it a loss of agility. The lead time to deliver laptop to remote contractors doesn’t just impact project start times, any subsequent resource augmentation or replacement to address a change in requirements or prioritization will also be subject to the same delays.

Project delays as a result of shipping laptops

Security vulnerabilities aren’t the only things putting your project at risk. Shipping delays can put your project timeline in the red.  One service provider in Spain validated this story with us just recently. Although a relatively small and international provider, they offered a global set of experts with unique skills and global customer support, with this differentiator, they won a contract with a large financial services institution in the USA. Thus begins their laptop shipping nightmare…

The contract insisted the service provider use laptops owned, configured, and shipped by the financial institution. The customer shipped the laptops to the service provider in Spain and subsequently dealt with considerable delays releasing them from Spanish customs. After three months of paperwork submissions to the Spanish authorities, the laptops were finally released. However, by the time they were in the hands of the service provider employees, the tokens and access rights had all expired thus adding more time to resolve the security tokens and reset the access credentials. Meanwhile, the high priority project was severely behind schedule with the business owners becoming increasingly frustrated with the IT team within the financial services institution.

The solution? Virtualizing the laptop process

What if there were a better, more secure, more efficient way to onboard remote staff and IT consultants? What if you could eliminate the need for hardware altogether, remove the fear of endpoint devices being compromised or stolen, and eliminate the risk of data loss, while at the same time achieving far greater levels of business agility?

There is a way to completely virtualize the laptop shipping experience and turn the traditional method of onboarding workers on its head.

With a SaaS-based Secure Virtual Room, organizations can stop shipping laptops to the remote workers and global IT consultants. They can create a secured perimeter or virtual extension of their organization where they control the Windows and Linux workstations, install all the necessary tools and intrusion detection, and endpoint management tools; set system access policies and network segregation rules; decide who they want to invite into the secured perimeters and what policies they want to enforce; and are immune to threats to end-point devices. Moreover, IT organizations can switch from a capital expense to an operational expense model with elasticity to scale as demand goes up and down.

Want to learn more about how Tehama.io delivers Secure Virtual Rooms? Email [email protected] or download our Guide to a Virtual Office-as-a-Service.


Shape line

Read More

How to Manage Your EUC Strategy During a Worldwide Hardware and Chip Shortage

How to Manage Your EUC Strategy During a Worldwide Hardware and Chip Shortage

In late 2020, as the COVID-19 pandemic continued to surge around the globe, the world began hearing about a new crisis – the global chip shortage. Primarily attributed to the pandemic, the crisis stemmed from the global lockdowns that sent workers home and took factories offline during 2020. At the same time, demand for electronics rose exponentially as consumers upgraded their home computers, monitors, TVs, webcams, and more to drive connectivity, collaboration and productivity for themselves and their families during lockdowns. This has now created a shortage of processors, memory and other chips used to power everything from computers, gaming consoles…
US Executive Order means stronger software supply chain security. Tehama Secure Digital Office delivers.

US Executive Order means stronger software supply chain security. Tehama Secure Digital Office delivers.

A recently-announced Executive Order on Improving the Nation’s Cybersecurity from U.S. President Joe Biden means many companies will soon have to step up their IT security and compliance game. The Executive Order is intended to provide a preview and guidance to the direction by both public and private sectors. Most onlookers agree that software and other companies doing business with the U.S. government will almost certainly have to (among other things): Implement multi-factor authentication and data encryption Submit and abide by a “software bill of materials” stating exactly what’s inside their  software (this would override any non-disclosure agreements in place)…
Weighing the costs and savings of remote work – Five key areas

Weighing the costs and savings of remote work – Five key areas

Commercial real estate, computer hardware, catering, utilities, cleaning staff, supplies and physical security are just some of the costs eliminated when employees work from home. On July 22, I hosted a panel for Tehama’s Digital by Default Summit on the costs and potential savings associated with remote work. One of our panelists was Susan Richards, managing partner of numbercrunch inc., which offers outsourced CFO services for small business clients. When asked if she would consider ditching the traditional office, based on numbers alone, she had an illuminating answer. “As a managerial accountant by profession, I probably would,” Richards said. “But all the companies…
Subscribe Here!

Get Tehama insights sent straight to your inbox!