Five ways to bulk up your network for telecommuters
Whether they're in branch offices or home offices, workers are increasingly telecommuting instead of working in a traditional centralized office environment.
For many companies, this trend presents many benefits as well as challenges. On the plus side, a recent survey shows that telecommuting increases worker productivity by allowing for more flexible working hours, and it saves companies money on reimbursing transportation costs and on office materials. On the down side, telecommuting can produce major security and privacy risks for companies that extend their WANs out to their employees' homes without giving them the knowledge or the tools to connect to the corporate network securely.
That means the big challenge for many companies is how to not only expand the reach of their WAN, but also keep it fast, secure and reliable. Here is a review of five of the most important techniques, technologies and practices that companies can adopt to bolster their telecommuter WAN performance, and whether they should look outside their own in-house IT departments to meet some of these challenges.
Make sure your employees have strong home broadband connections
This may seem obvious, but the first step to ensuring that your WAN can accommodate telecommuters is to ensure that their connections are up to speed for the corporate network. After all, security and software updates won't help anyone if the Internet pipe isn't strong enough to download them from the corporate network at a reasonable pace. This gets tricky, however, when telecommuters live in areas of the country that don't have access to fast cable or DSL services. In these cases, says Kelly Brown, the group manager for Internet and mobility services at Verizon Business, there is very little a company can do to upgrade a connection speed, and companies must look for ways to either upgrade the connection speed on the margins or upgrade to a stronger connection altogether.
One way to upgrade at the margins is to make sure that the PCs being used by the workers are fully optimized and have enough memory and hard drive space to fully take advantage of the Web connection they're working from, Brown says. Eric Bozich, the vice president of product management for Qwest, says another option for companies looking to upgrade at the margins would be to invest in WAN acceleration technology that optimizes Internet routing and maximizes speeds for enterprise applications. He says one such product is Akamai's IP application accelerator that continuously scours the Web for the fastest and most reliable path to an origin server, much like a traffic helicopter that reports on which roads are clogged or open during rush hour. Other WAN acceleration vendors include Array Networks, Converged Access, Expand Networks, Juniper, Orbital Data, Packeteer, Riverbed Technology, Silver Peak Systems and Swan Labs.
But if WAN acceleration and PC optimization still don't get your connection where it needs to be, then you may want to consider upgrading your teleworkers' connection speeds.
Bozich notes that "5Mbps to 7Mbps services are available to most folks. If you can get that level of service, then that's enough bandwidth to do pretty much anything, including voice and low-resolution video solutions."
Of course, this becomes trickier in rural areas where dial-up services are the only landline options available. In these cases, says Network World columnist and small business consultant James Gaskin, companies should consider investing in satellite Â connections to broadband global-area network for "portable broadband" access to remote locations.
Be sure to have a wireless backup option
Although wireline services are the most reliable and safe way to connect teleworkers to corporate WANs, even the best wireline networks go down from time to time. Thus, it's important for all employees working either at home or on the road to have access to a reliable wireless option that will safely give them access to corporate data. While in the past this has meant hooking on to unreliable and unsecure Wi-Fi networks, the advent of high-speed wireless technologies such as WiMAX, HSPA and EV-DO gives teleworkers the option of connecting to networks that offer good data speeds over a wide area.
Brown says that when she's working at the office, for instance, she has the EV-DO card on her laptop in place as a backup so that she can connect to Verizon's 3G network in case her wireline service goes down. While relying upon 3G cellular networks for data services can be more expensive than traditional wireline services, they provide reliable and secure backup connections, Brown says.
Bozich also fires up the EV-DO wireless card on his laptop when he's on the road and doesn't have access to Wi-Fi, and he thinks that WiMAX will also play a bigger role in keeping teleworkers connected to corporate WANs in the coming years.
"WiMAX should ultimately become an extension of Wi-Fi once it becomes more widely deployed," he says. "I don't see it as an either-or proposition. I think they can work in concert together."
Understand that security goes beyond the VPN
VPNs have become a staple tool for teleworkers looking to connect to corporate data. But there are severe limitations on what VPNs can do that make it hazardous to rely on as a sole security measure, Bozich warns.
"The VPN creates a secure point-to-point connection where data isn't susceptible to being intercepted," he says. "But it doesn't address issues of whether there is virus on your machine. Obviously, having a VPN is better than not having a VPN, but you should understand that it doesn't allow IT administrators to form a comprehensive set of policies around it."
Installing firewalls and antivirus software are the most obvious additions to having a VPN connection, Brown says. Another option, she says, is to access corporate data directly through a protected Web site that is configured SSL, which enables encryption of sensitive data over the Web.
"If you want to have enterprise data that can be accessed through the Web, you need to ensure that it's going through a secure site, and that's where you're getting into the SSL environment," she says. "You can go to a particular Web site, you log in, and it will establish an SSL connection, and just like an IPSec type of pipe, it would add the layer of security that you'd need."
But while having strong network and Web tools in place is a big piece of securing a WAN for teleworkers, having smart, informed workers who follow company policies is even more important. In other words, even the most advanced network security system will be no match for human failings. Brown says this means that companies will have to adopt strict policies on what sites teleworkers can and can't access and to make sure employees know not to open personal e-mails or any e-mails that look suspicious while connected to the enterprise WAN.
"The biggest issue with security has to do with simple stupidity," notes Chuck Wilsker, the CEO of the Telework Coalition. "When the VA lost all those records, for instance, it was because someone took out a hard drive that had sensitive data on it."
Know that strong software can be just as important as strong network design
Having solid broadband infrastructure for your teleworkers is all well and good, but it's also vital to have good software that can be used to provide updates and enforce security policies.
"Teleworkers should be able to download software from the corporate Web site, and once that software is loaded it becomes part of the software administration model," Bozich explains, using his company's teleworking services package as an example. "With our solution, you have the ability to set policies and push them down to all your clients. You have the ability to maintain a list of software requirements, and you can validate that the software is active and that it has the current revision of updates loaded on there."
Gaskin says that many companies, particularly small and midsize businesses, should start looking at software-as-a-service (SaaS) as alternatives to more costly network infrastructure systems such as Microsoft Exchange servers. Gaskin says that one of the more popular and accessible SaaS offerings is Google Apps, which an estimated 500,000 companies use for hosted e-mail, messaging and calendar applications. He also recommends that companies look at HyperOffice, the online collaboration software aimed at small businesses that includes intranet software, business e-mail services and document management services; and as Ignyte Software, a Web-based company that specializes in content management and hosting that puts company data securely within the cloud for workers to access.
The advantage to using cloud-based software, Gaskin says, is that companies can outsource their security issues to outside companies and will rely less upon internal IT staff.
"Companies are getting better about rethinking applications from the remote user's standpoint," he says. "As more employees work at home, they're rethinking the applications and whether they should host them or not. This will make huge difference in security for these companies."
Keep your wireless devices in line
Gaskin puts it bluntly: the plethora of mobile devices latching onto enterprise WANs is "a giant pain in the ass." But with wireless usage increasing every year, companies will have to keep track of where all these devices are and what they are doing, both to keep the corporate WAN secure and to save money.
"Mobility can be either big problem or a value ad," Boznich says. "One of the ways to enhance productivity is to make sure employees have proper access to corporate data at home on the broadband connection, or if they are traveling and are staying in hotel or at an airport... but it can also throw a wrench into how the WAN operates because more mobility can also mean less accountability."
Verizon's Brown says companies have to keep very close tabs on all wireless devices on their networks to make sure that they have the most recent antispyware and antivirus updates pushed directly onto their systems. But she also notes that security is only one component in managing mobile devices, as companies need to make sure that their devices have the proper applications loaded onto them to let users take full advantage of wireless communications. Among other things, she says companies should look into getting simultaneous ringing capabilities that will ring up all of a user's devices when their work number is dialed, as well as conferencing applications that make joining company meetings as easy as clicking a button.
"One of the things Verizon pushes is making work an activity and not a location," she says. "One of the best features we're pushing is the ability to set up a point-and-click application on BlackBerry devices to set up quick mobile conferencing."
If all this sounds like a headache for IT departments to deal with, that's because it is, Gaskin says. Rather than having one laptop or personal computer to manage from remote locations, the modern IT department has to juggle a wide assortment of PDAs and smartphones that all must be kept up to date with the latest security and business applications.
"If it was my company, I would not allow any wireless network access to the company VPN," he says. "If you're setting up someone to work at home, it's not too much to ask someone to work from their desk on a wireline network that you've set up for them."