Remote access to internal IT systems is still a big enabler for any sized business. Business is no longer 9-5, and staff are no longer just sat in the office. The world has changed, so surely remote access has as well? Well, not as much as you’d think, but bandwidth has dramatically improved, as has its cost and ease of access. You can get a decent internet connection virtually anywhere in the world; this has made remote working productive and cost-effective.

What remote access technologies currently exist?

In reality, the technologies haven’t really changed much over the last 10 years. There’s a lot of hype surrounding numerous technologies, but at their root, they aren’t particularly new.

I’d say that we are generally seeing the decline of traditional client-VPN technologies (SSL and IPsec) to access files and folders, where you have an application loaded onto a PC/laptop/tablet and you connect to a corporate network. They are typically cumbersome and problematic to support. I would ass that this has changed a little with the rise of WAN accelerators and solutions such as Microsoft One Drive, but it still can be a little cumbersome to manage.

You will find that a large percentage of corporate applications have web-based front-ends these days. These are often more or less indistinguishable from applications installed on the desktop, feature-rich and simple to support. They typically lend themselves well to being published over the internet for roaming workers to access the internet. A typical example of this would be Microsoft’s Outlook Web Access.

A favourite technology for remote access and general working is thin client. There isn’t really much difference in the method of access to internal IT system cloud-based based ones.

Is it all about the cloud?

The cloud is generally remote computing, and thus remote working. However, corporations have been working to this model for decades, satellite offices accessing systems in remote headquarters on the other side of the world. Now because somebody put a shiny new cover on in, everything thinks cloud technology is all new. It’s not new, neither is cloud always the answer. If you have systems internally that you want to access remotely, it’s usually quite a straightforward exercise. That’s not to say that the cloud isn’t the answer to many business requirements, it’s just unlikely to be justified on remote working alone.

The risks of BYOD

We hear about BYOD (Bring Your Own Device) daily – accessing corporate systems with a user owned device. However, generally it will typically incur greater IT management, integration, administration and IT security costs – well it should do if implemented correctly (at this point in time) to remove any security risks: you aren’t going to accept significant risk within your business. If a business doesn’t own a device they can’t really control it. Then you can’t stop third parties from accessing the device, or from dangerous software being installed on it and circumventing corporate security, it’s as simple as that. Yes you can get encapsulation technologies that act like a secure operating environment on a device, but I’m still cautious. I’d still use these technologies, but with a corporate owned device.

I’m a bit more of a fan of CYOD or Choose Your Own Device. This is where an employee can select a device from a pre-authorised list, easing support overhead and ensuring productivity. Have you ever actually really tried to use an iPad productively? It just doesn’t compete with, say a laptop. However they are fine as additional devices for intermittent emailing and reading on the fly, etc. I also find that CYOD does help staff morale – it’s nice to have a choice, and computing devices bring up similar emotions to getting given a company car.

Also, I should note that it was only a few years ago that everyone was talking about increasing productivity within the workplace through IT. Can you really do that when everyone’s walking around with their own mobile devices hooked up to the internet with a 3G card? I understand there are always exceptions, but generally the money saving case will not stack up under scrutiny.

If you are considering a Bring Your Own Device – or BYOD – policy for your business then there are several considerations you need to keep in mind.

Don’t just announce the policy and let employees start using their personal device for all work-related tasks. Sure there are benefits, but you will only realise these will a well-thought-out policy, which is openly shared with all.

1. Understand and measure the business benefit. Don’t just do it because the devices look nice.

2. Don’t store any data on the devices if possible. If you have to then ensure it’s encrypted.

3. Think about Internet controls within the business. You need to ensure that people remain productive.

4. Understand what you will do if the device has a fault or fails. How will that employee work for a day or two?

5. Keep installs on the device to a minimum. The more you install the more you have to manage, secure and support.

6. Make sure your wireless will support the additional devices. Many existing wireless solutions won’t cope with the load.

7. Isolate the devices from your network, even when in the office. You can’t control their security so zone them off.

8. Know which devices you will support. Don’t just allow anyone to use any device to connect.

9. Update your acceptable use policies. Employees need to know what their responsibilities are.

10. Plan your infrastructure first. Don’t just allow devices access, and then identify risks and controls as you go along.

If you are not sure if BYOD will work for you, then you could consider CYOD instead. Choose Your Own Device gives employees’ a level of freedom whilst still allowing the business to retain central control.