IoD beefs up security to extend remote working practices

The Institute of Directors (IoD), which advises its 50,000-plus members on key business issues, is taking some of its own advice by openly embracing the benefits of flexible and remote working practices.

To support its efforts, the professional body is implementing AEP's Netilla Security Platform (NSP) solution in a project it hopes to complete by the middle of this year.

Following on from a four-week trial involving six users in November last year, the IoD formally kicked off the initiative in December.

The second stage, which will involve load balancing terminal server services and is due for completion by the end of this month, will then be supplemented with advanced security methods, including the potential use of two-factor authentication.

The system replaces the previous hardwired ADSL and router based virtual private network (VPN) connections linking employees' homes to the network.

It has been configured to provide thin-client-like, web-based remote application access to the IoD's Windows 2003 corporate network, enabling easy access to Windows Terminal Servers in addition to the body's UNIX, Linux, and 3270 mainframe applications including e-mail and customer relationship management (CRM).

Of the IoD's 285 staff spread across the UK, at least 40 regularly make use of remote working options. The system is configured in such a way that it can easily be modified to support additional users whenever the need arises, which will prove particularly useful in the event of an emergency

"We face a number of potential threats, partly as a result of our location in Pall Mall, Central London," said Richard Swann, the IoD's infrastructure manager.

"They range from terrorist activity blocking off access to our offices, through to poor weather and the everyday transport problems that can affect a big city. The possibility of an avian flu epidemic is another emerging risk we are aware of and we wanted to have effective remote working systems in place as a contingency. We are also keen to encourage flexible and home working."

Before opting to use the AEP solution, which was implemented by systems integrator Enforce Technology, the IoD's IT department evaluated a number of alternative solutions including Citrix and Cisco VPNs.

Due to the nature of the IoD's business and the need to ensure confidentially for it and its members, security was paramount in its final decision.

The AEP SSL VPN appliance meets the IoD's security needs thanks to an application layer proxy that presents a screen scrape of requested applications, meaning that users logging in from outside the IoD or using non-IoD machines aren't connecting directly to the corporate network.

Built-in PKI protection also ensures network resources are fully secured.

Maggie Holland

Maggie has been a journalist since 1999, starting her career as an editorial assistant on then-weekly magazine Computing, before working her way up to senior reporter level. In 2006, just weeks before ITPro was launched, Maggie joined Dennis Publishing as a reporter. Having worked her way up to editor of ITPro, she was appointed group editor of CloudPro and ITPro in April 2012. She became the editorial director and took responsibility for ChannelPro, in 2016.

Her areas of particular interest, aside from cloud, include management and C-level issues, the business value of technology, green and environmental issues and careers to name but a few.