Commentary
2/25/2005
06:50 PM
Commentary
Commentary
Commentary

SmartAdvice: Telecommuting A Boon With Proper Safeguards And Training

Make telecommuting a privilege and focus on training and security for a successful experience, The Advisory Council says. Also, look for range of services and experience from a data-center-relocation services provider.



Editor's Note: Welcome to SmartAdvice, a weekly column by The Advisory Council (TAC), an advisory service firm. The feature answers two questions of core interest to you, ranging from leadership advice to enterprise strategies to how to deal with vendors. Submit questions directly to [email protected]


Question A: What technical and security issues should we consider when setting up a telecommuting program?

Our advice: With the increasingly global economy, businesses are dependent on their staff and customers being able to access potentially sensitive business data from anywhere in the world. As a corollary, once they've enabled remote access, many companies have found that telecommuting can improve staff productivity and response time, while reducing fixed costs in office space requirements. Implementing a viable and secure remote-access policy requires the use of appropriate security systems and tools, proper levels of IT support, plus a knowledgeable workforce, or your company could be vulnerable to serious security problems. Fortunately, with careful planning, businesses can implement a secure remote-access policy successfully.

The foremost technical challenge in implementing a remote-access and telecommuting policy is securing access to sensitive company data. Until recently, the most common solution was an IPsec (Internet Protocol Security) or Point-to-Point Tunneling Protocol VPN, where the remote computer becomes a virtual node on the internal network. Although great in theory, in reality the technology requires often clumsy client software loaded on potentially improperly secured computers. In addition, because an IPsec VPN encrypts every network packet, it often degrades network performance on lower-speed home or remote Internet connections. If a large percentage of your workforce already has company-owned laptops, and proper training in basic computer security, this technology can be successfully implemented.

Related Links

Best Practices For Supporting Home Users

Telecommuting: Keeping Data Safe and Secure

SSL VPNs: No Compromise?



However, if you're planning to allow staff access to internal data from public kiosks or home equipment, you should consider deploying a Secure Sockets Layer VPN. SSL VPN, which is based on the widely used Web security technology SSL, offers the advantage that it's designed to deliver secure access to your internal systems at the individual user and application level without requiring special client software. This gives you the granularity to develop access policies based on individual roles and responsibilities. Some of the newer systems offer client-aware software that checks if the connecting computer has the proper security systems or applications installed. If the system fails to detect antivirus or other protection, it can deny or limit access. The tradeoff is higher IT administrative overhead to manage often complex security and access policies. Since SSL VPN is relatively new, many of the systems are still proprietary, and integration with applications is hit-or-miss. For companies that have fairly simple access requirements and the right mix of applications, SSL VPN can offer powerful and highly granular access security at a reasonable cost.

No matter how advanced the technology, remote-access policies are dependent on proper staff training and expectations. Remote users require more IT support because they're away from the informal coworker support network. This can be mitigated by better application training and certification; however, treat remote access as a privilege, not a requirement, and you'll achieve higher levels of productivity and a more-satisfied workforce. If employees understand that maintaining current antivirus software and secure firewall settings is in everybody's best interest, then administrative overhead can be minimized.

Telecommuting and remote access can be a viable option for your business, if you're careful to implement a proper staff-training program, have a solid understanding of staff access by application and user type, and are willing to devote the resources required to maintain proper security policies.

-- Beth Cohen

Question B: How should we approach selection of a data-center-relocation service provider?

Our advice: Relocation of a data center is a complex project which requires months of planning. The interdependencies among tasks, the need for continuous operations, and coordination among multiple service providers are some of the major considerations. Selecting a relocation partner requires an evaluation of experience and ability to execute. Minor problems are bound to come up during such a move; the vendor with the necessary expertise would have backup equipment and technical expertise at hand to resolve any problems.

Decision Drivers
Data and applications are among the most valuable assets in an organization. Relocation of these assets exposes them to multiple risks of loss. Any one of these risks can introduce a failure, requiring analysis and preparation.

Most data-center relocations activities fall into two main categories:

  • Migration of data and applications to new equipment in a different location
  • Migration of hardware to a different location

Typically, relocation involves some level of both activities. Data centers rarely have homogeneous equipment, operating systems, or services. The primary service provider will have to subcontract to several different vendors. The primary choice should be determined by the prior experience of the vendor with the primary equipment and applications in the data center. Selection of a relocation service provider also depends on the level of service continuity that's required.

Migration of data and applications to new equipment is typically less risky, since it offers an opportunity to field test the new equipment and applications, and offers a natural environment for fall-back in case of a major problem. This kind of relocation requires expertise in redundancy, applications, and data mapping.

Migration of hardware requires a depth of support available from the vendor so that in case of major failures a quick replacement, technical assistance, and re-constitution of a system or application are available.

The primary migration vendor should have strengths in many facets, including:

  • Project planning and management
  • Relationships with other vendors
  • Ability to manage subcontractor services
  • Ability to evaluate and understand current equipment configurations and future needs
  • Ability to prepare new site and clean up old site
  • Electrical de-installation and installation of equipment
  • Ability for removal and EPA certifications for hazardous material disposal
  • Ability to install, engineer, or furnish new equipment
  • Ability to store and bring spare parts and/or replacement equipment quickly
  • Technical expertise in the network, hardware, storage, operating systems, database, and applications currently in use
  • Experienced relationship with an electronic equipment shipper
  • Ability to plan for contingencies
  • Ability to provide a disaster-recovery site for mission-critical applications which need to be available around the clock
  • Ability to provide a "swing site", if there's a need for interim operations

Data-center relocation is an activity that has to be done right in a very short time frame. The complexity and risks of such a migration require detailed planning and management. To accomplish a successful migration, it's essential to select an experienced relocation service provider.

-- Humayun Beg


Beth Cohen, TAC Thought Leader, has more than 20 years of experience building strong IT-delivery organizations from user and vendor perspectives. Having worked as a technologist for BBN, the company that literally invented the Internet, she not only knows where technology is today but where it's heading in the future.

Humayun Beg, TAC Thought Leader, has more than 20 years of experience in business IT management, technology deployment, and risk management. He has significant experience in all aspects of systems management, software development, and project management, and has held key positions in directing major IT initiatives and projects.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2019 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service