Remote working for small businesses
Business is merciless. If you’re not there for your customers, come rain, hail or shine, one of your competitors will be. And yet a recent survey by YouGov found that the heavy snowfall this January caused employees in the UK to miss 124 million hours of work.
Those lost hours mean missed deadlines and ultimately, for some, lost clients. The survey also found only 11% of the people who couldn’t travel to the office had the option to work remotely.
Many companies don’t like the idea of remote working. This is particularly true of smaller businesses that fear remote working is difficult to implement.
But smaller companies need all hands on deck if they’re to keep functioning – and that’s exactly what remote working can deliver. In this feature, we look at ways of safely implementing remote access that will help keep your company working hard even when the rest of the country comes to a standstill.
The dark art of virtual private networking
Most often, virtual private network (VPN) technology underpins remote access. A VPN is a means of privately and securely sending information over a public network, usually the internet.
In a classic VPN, the client uses the IPsec protocol suite to both authenticate itself with the server and then to encrypt the packets that are exchanged between client and server during the communication. Client and server decrypt each other’s messages using a pre-shared key.
Although they’ve been around for years, VPNs are regarded by many IT professionals as something of a dark art
Although they’ve been around for years, VPNs are regarded by many IT professionals as something of a dark art: a technology that always requires a lot of tinkering and experimentation to make it work smoothly.
This isn’t entirely a misconception. Configuring a VPN is rarely as straightforward as its instruction manual, let alone the marketing bumf, would have you believe. That said, in the past few years a number of developments have taken place that have made it easier for even small companies to run VPNs.
If you don’t want to get involved in configuring and managing a VPN, then you can simply outsource. Generally speaking, there are two types of outsource service. With the first option, your workers connect to your LAN through the outsource vendor’s VPN gateway.
You don’t need any hardware on site; you simply install the vendor’s client software on your laptops and pay a monthly fee per user. Alternatively, you could choose to have the hardware installed on your network, but then pay a third party, usually the reseller from whom you bought it, to manage it.
The advantages of a managed VPN service are simplicity and predictable costs, but there are pitfalls too. Passing your data through a third party means it’s also out of your control, and if something goes wrong with the supplier’s service there’s nothing you can do about it.
Another downside is agreeing and understanding your security needs. Professor John Walker of Information Systems Audit and Control Association (ISACA) describes the problem: “I’ve lost count of the number of times I’ve been to organisations and discovered that they haven’t shared their security policies with their managed services vendor. You can’t afford to be vague about these things. Unless your vendor knows your precise requirements, you may not be as secure as you think you are.”