Enhancing Remote Workforce Security: A Construction Company’s Journey with FortiClient EMS

In today's digital era, remote work has become increasingly prevalent, even in industries traditionally reliant on physical presence, such as construction. However, ensuring the security of remote employees and their access to critical systems can be a challenging task. This case study explores how a construction company in the USA overcame these challenges by implementing FortiClient EMS, a Zero Trust Network Access (ZTNA) solution, to enhance their remote workforce security.


The construction company had a significant number of remote employees who relied on a traditional SSL VPN for secure access to company resources. While the SSL VPN provided a certain level of security, it lacked the ability to meet the demands of up-to-date prevention and continuous checks. The company recognized the need for a more robust and comprehensive solution that could address these limitations.


To address the company's security concerns and meet the evolving demands of remote work, the customer decided to implement FortiClient EMS. This solution brought all remote workforce endpoints into a single plane, providing centralized management and control over their security posture.

Endpoint Management and Tagging: FortiClient EMS allowed the company to create tags based on the location of remote employees, distinguishing between on-site and off-site workers. These tags played a crucial role in defining security policies and access rules for different groups of employees.

Security Composure Rules: To ensure secure access to remote systems, the company added security composure rules based on the defined tags. These rules determined the level of access employees had to specific resources, ensuring that only authorized individuals could access critical construction software and systems.

HTTPS Proxy for Construction Software: To enable secure access to construction software, the company configured an HTTPS proxy. This proxy acted as an intermediary between remote employees and the software, encrypting the communication and protecting sensitive data from potential threats.

TCP Forwarding for High-Level Personnel: For high-level personnel who required access to backend servers and remote desktops, the company configured TCP Forwarding. This feature allowed secure access to these resources while maintaining the necessary level of control and monitoring.

Dynamic Rules and Tag-Based Security Posture: FortiClient EMS enabled the creation of dynamic rules based on the security posture and tags assigned to remote employees. These rules automatically adjusted access privileges based on changes in security posture, ensuring that only compliant devices could access company resources.


By implementing FortiClient EMS, the customer achieved significant improvements in their remote workforce security:

Enhanced Security: The ZTNA solution provided advanced security features, surpassing the limitations of traditional SSL VPNs. The dynamic rules and tag-based security posture ensured that only authorized and compliant devices could access company resources.

Centralized Management: FortiClient EMS brought all remote endpoints under a single management plane, simplifying administration and enabling efficient monitoring and control of security policies.

Resource Optimization: The removal of SSL VPN reduced the load on the company's firewall, as FortiOS no longer required the tunnel to be kept alive or perform negotiations for hundreds of remote endpoints. This optimization resulted in improved performance and resource utilization.

By embracing FortiClient EMS, the construction company successfully addressed the challenges associated with securing their remote workforce. The implementation of a ZTNA solution provided advanced security features, centralized management, and resource optimization. As remote work continues to evolve, the customer is well-prepared to adapt and ensure the highest level of security for their remote employees and critical systems.

Related Content


We are here to help

Schedule a Meeting

+44 (0) 20 7131 0263