The biggest issue is just infrastructure and security. We're still building up our system. Everything gets so much more complicated when your team is no longer all in the same building. We built up a really nice intranet with file servers, gigabit ethernet to all of our computers, encrypted backups. But now most of that stuff is useless because most of our team are not on the network! So now I have to write up a budget proposal to get offshore VPS service, gigabit fiber to the building, a software stack for secure encrypted messaging and file sharing over HTTP, trustworthy backup services. It's very time consuming research! And we haven't even deployed anything yet! And It's even worse when part of the team is in a completely different country, because then we can't reliably send data through the mail; we have to mule it.
If our threat model was milder we could just use centralized 3rd party web services for our encrypted file sharing and messaging. It's very difficult to secure an international remote team. I think it might actually be impossible to have full security. Especially when the remote teams have no system admin or security skills to help share the administrative workload.
People bringing their own computers also creates a huge security hole, so we're also planning to start loaning out laptops to people so we control all the software and policies on the machine.
IT support for a remote team is very time consuming. Very expensive. That's what I think.
>IT support for a remote team is very time consuming. Very expensive.
In normal times a lot of the workforce of many large companies is traveling a lot anyway. For 2019 and a few years earlier, I was traveling about a third of the time and I also mostly use my own devices. So supporting employees not in the office using gear that isn't supplied and directly secured by the company isn't some new concept.
No it's not new, it's just not worth it. Especially when the remote teams have no system admin or security skills. Better to just give them a preconfigured box with all the necessary software and policies. A buddy used to work at Booz Allen Hamilton and they gave him a company laptop with very limited permissions.
That is one approach. Give them a locked down, with no root access, Windows or Linux box and a company Blackberry. It's not unreasonable for scenarios where the highest security is needed.
That said, my experience is that most technical people really dislike that sort of thing. Of course, it's your choice if that's your priority.
If our threat model was milder we could just use centralized 3rd party web services for our encrypted file sharing and messaging. It's very difficult to secure an international remote team. I think it might actually be impossible to have full security. Especially when the remote teams have no system admin or security skills to help share the administrative workload.
People bringing their own computers also creates a huge security hole, so we're also planning to start loaning out laptops to people so we control all the software and policies on the machine.
IT support for a remote team is very time consuming. Very expensive. That's what I think.