• 
• 
• 
• 

 1 of 4

Gallery

Remote working for small businesses

Posted on 5 May 2010 at 11:54

The first SSL VPNs only provided access to browser-based applications and to simple file browsing. Most of the current crop, however, support port-forwarding to specific applications: so your business software can use the secure connection and operate as it normally would, without the user having to do any special configuration.

In practice, installing the JavaScript applets that most SSL VPNs use to connect can be tricky, often requiring fiddling with Internet Explorer security settings to get them working. It’s worth bearing this in mind when you first let your users loose on your new VPN. More seriously, in November 2009 the American government security agency US-Cert reported a potential security flaw in clientless SSL VPNs.

Sites open in the same browser as an SSL VPN can potentially run scripts on the VPN pages to extract confidential information. Before choosing a product with SSL VPN capabilities, you should ask the vendor how its technology will protect you against this vulnerability.

A final word on hardware devices: marketing brochures often claim things such as “this device can be up and running in less than an hour”. This assumes you’re already familiar with VPNs and will know things such as not to assign your virtual adapters’ IP addresses from the same range as those of their local network, and lots of other small details that will prevent your VPN working if you don’t get them right.

Support and asset management

Another challenge is how to maintain and support machines that are remote for long periods of time. Locking down the PC to prevent remote users installing their own software can be easily achieved using Group Policy.

What’s trickier is educating users that they have a clear pipe into your company’s IT infrastructure: any nasty stuff they accidentally install on their PC can and will attack the company. To this end, make sure that internet usage policies are followed. If you’re using a managed service, your provider’s client may force the users to connect through the VPN whenever they want to go online. Client software from some routers also supports this function.

Support is perhaps the easiest of these problems to solve. There are several remote solutions on the market – for instance, LogMeIn Rescue and NetSupport Manager – that allow your IT staff to securely take control of and troubleshoot remote clients.

If you’re running a Windows network, you can also configure Windows Server Update Services (WSUS) to validate only updates (according to your policies), leaving the client machine to download from the Microsoft servers. Making sure that clients only get validated updates can greatly simplify support.

Conclusion

Rob Bamforth, principal analyst in communication, collaboration and convergence Quocirca, sees remote working as something that can help SMBs compete with their larger rivals. “In the same way that the internet empowered SMBs by giving them a virtual presence that belied their size, remote working allows SMBs and SoHos to become mini-enterprises, competing in an ad hoc needs-driven way with... larger organisations.”

More than ever before, there’s now a range of competing technologies designed to keep small businesses connected and working, no matter what. Not only can this technology protect your company against natural disaster, it can also help you be everywhere, all the time – and in doing so, level the playing field between SMB and enterprise.

Author: Karl Wright