Has your company decided to transition a portion or all your employees to work-from-home long-term? What may have started as a temporary means to an end is working well, and you have decided to embrace this new way of doing business. What you need now is to ensure your remote employees can continue to get their work done as productively and securely as possible.
Here is some advice from our client account managers at Systems Engineering. They advise clients on how to attain secure productivity when transitioning to a long-term remote workforce. While there is always a few unique situations, three common themes emerged that seemed to check all the boxes for many of their clients. It is always important to begin with answering a few main questions about a client's working environment and business needs:
Where do your business applications live?
When applications such as accounting or line-of-business software resides in the home office server closet, this is considered "on-premises". You may also have some of your applications managed/hosted in the cloud, which is referred to as the Software-as-a-Service (SaaS) model. Many companies operate with a combination of both on-prem and cloud hosted business applications. Either way, this is the first determining factor when choosing a long-term solution.
How do end-users (employees) communicate with clients and colleagues?
Depending on whether your employees use a typical desk phone to make calls, or they use a softphone or meeting application (which uses software) to call over the internet with their computer or mobile device, is another factor to consider.
Once you have the answers to the questions above, you can narrow down which of the three remote work-from-home solutions will provide the right amount of security and best user experience.
1. Cloud Access
Suppose your business is currently running all software applications (SaaS) and have data in the cloud. In this case, your employees can move their desktops/laptops from the corporate office to their home office and continue working. When using cloud services like Microsoft 365 and cloud applications like Office or a Customer Relationship Management(CRM) tool, your data is available anywhere with internet access. End-users can continue working from home as though they were working from the office.
What to look out for:
- Not all SaaS solutions are the same, and some are better than others. The user experience and security features will vary with each. Due diligence on how they secure your data and your identity is essential. One good way to protect SaaS applications is with Multi-factor Authentication (MFA).
2. Hybrid Access (Desktop Delivery)
Your businesses may be moving some or all corporate data to the cloud, like email, line-of-business apps, or document storage. This might mean a good part of your critical documents are still residing within your on-premise server at the main office. Also, many of the day-to-day functions, like your CRM, email, or accounting software get accessed through the cloud. In this model, when information is needed from the on-premise local server, access through a terminal service application, such as Microsoft RDP or Citrix Virtual App (formally XenApp) is needed. The terminal service application is added to end-users laptops, PCs, smartphones, or tablets, to provide the desktop experience. There are some technology and usage constraints to consider, but this can be a practical method for delivering a desktop experience to remote end-users.
What to look out for:
- There are a few secure application delivery methods for the hybrid model, such as a client virtual private network (VPN) or NetScaler Gateway. While each has its own defined encryption and security measures in place, it is critical to protect an employee's credentials (username & password) in the event they become compromised. Again we recommended you implement MFA to protect your users' login credentials.
- Connecting a home or personal computer to a business network can be dangerous. It is always best practice to have employees bring work computers home or issue them managed laptops when opting for a long-term work-from-home (WFH) scenario.
3. Site-to-Site Access
There are many occasions when an organization needs to operate as if the remote end-users home setup was no different than sitting at the corporate office. This type of delivery model provides a plug-and-play feel of connecting automatically and without compromise to security. The end-user has a seamless experience when accessing both on-premises servers and cloud-hosted SaaS applications. This includes connectivity to on-premises desk phones and softphones. A site-to-site access model requires a dedicated VPN, like Meraki MX Appliances and Teleworker Gateway. This is how remote users can have the same security controls and telecommunications that are in place at the office.
What to look out for:
- Since a site-to-site VPN connects over the internet, it is necessary to have proper amounts of bandwidth (data transfer per second) at both the end-user location and the main office. Without adequate bandwidth, users can experience latency issues, lags, and speed breaks, causing productivity to suffer.
- While the site-to-site access is the most seamless and secure long-term set-up for remote employees, it also can be the costliest. A remote worker gateway device would need to be in every employee's house with site-to-site access, which could prove to be cost-prohibitive for many organizations.
Each of the three scenarios above has technology, usage, and budget constraints to consider. The configuration possibilities are endless, but as we outlined above, not all are created equal. When you are ready to discuss which model(s) would be best for your situation, consult an industry expert, like Systems Engineering. We are here to help you navigate these waters when setting your company up for productivity, scalability, and security. Connect with us to start your long-term remote work strategy on the path to success.
If you would like to learn more about the most secure and productive way to enable your remote workforce, contact us at firstname.lastname@example.org or call 888.624.6737 to speak to a Systems Engineering representative. Clients, please reach out to your Account Manager.