Blog

Recommended Remote Work Technologies

December 10, 2021
Applications, Cloud, Data Protection, Hybrid IT, IT Services, Network

Regardless of COVID-19, chances are remote work operations are here to stay – at least to some extent. But making work-from-anywhere options available to employees involves more than equipping them with a laptop and videoconferencing and project management applications.

While the precise tools needed for working remotely will depend on the job description, industry, and other factors specific to your organization, the following are some of the technologies that can enable secure, successful remote work.

 

Cloud Infrastructure

If your organization hasn’t migrated to the cloud yet, enabling remote work operations presents the perfect time to do so. The cloud frees your mission-critical processes from physical servers housed in data centers. Data and applications can be accessed, run, and updated from virtually anywhere with an internet connection.

There are no capital expenses or a need for physical space, utilities, or maintenance to support the infrastructure. Plus, reputable cloud providers offer data privacy and security features that typically exceed what an organization can do on its own. Cloud services can also handle your data backup and disaster recovery needs.

Perhaps the biggest benefit of cloud services is scalability. Cloud resources are available on-demand, they’re easy to scale up or down to meet your needs. That means you can be assured of the necessary cloud resources to deliver high-performance services such as live streaming and video conferencing that may have fluctuating usage periods, as well as support website traffic surges. Bonus benefit: you only pay for the cloud resources you use.

 

Secure Remote Access

Employees working remotely will need access to your organization’s network, data, and applications – secure access. Among the options:

• Virtual private network (VPN): VPN has typically been the go-to method for providing employees with access through public internet connections. A VPN uses advanced encryption and tunneling techniques to create a secure internet connection between a user and a network. Business networks can connect with each other, and remote workers can access sensitive data from a business network without exposure to unauthorized users. Because internet traffic and user identity are protected with encryption, VPN is technically a security solution, although it does enable remote network access, whether users are working from home, a coffee shop, or an airport.
• Remote Desktop Protocol (RDP): RDP is a secure network communication protocol that enables the remote management of and access to virtual desktops and applications. Unlike VPN, RDP typically enables users to access applications and files on any device, at any time, over any type of connection. There are different types of remote work solutions based on RDP, including virtual desktop infrastructure (VDI), remote desktop services (RDS), desktop-as-a-service (DaaS), and workspace-as-a-service (WaaS.) See more on these solutions under RDP Solutions.
• Identity and Access Management (IAM): IAM incorporates a comprehensive verification process to confirm the validity of all logins, and allows for implementing multi-factor authentication on top of a VPN connection. It can be used as a VPN alternative or paired with a VPN. Note: It doesn’t provide additional protection for privileged credentials. 
• Privileged Access Management (PAM): PAM focuses on managing privileged credentials that access critical systems and applications with a high level of scrutiny. PAM solutions include advanced credential security such as user activity monitoring, obfuscation of passwords and systems and data access control, and user activity monitoring. PAM tools allow network managers to ensure that internal users only gain access to the applications and systems that they need at the time they need them.
• Third-party Security Platform: These solutions allow for controlled onboarding, elevation, and termination of access privileges for external users. Many include robust authentication protocols, access controls, and auditing tools to meet certain compliance requirements. They also granularly control the access permissions of each individual user with the least privileged access. This helps ensure users can only access areas of the network that they need; nothing more.
• Zero Trust: This approach assumes all individuals or users are threats and must be verified before being given access. Zero Trust methods perform the basic capabilities of a VPN, but with an added layer of security in the form of least privileged access (down to the specific applications), identity authentication (MFA), employment verification, and credential storage.

 

RDP Solutions

While VPN and similar technologies enable remote access to an organization’s network, RDP-based solutions enable employees to securely access everything they need to do their jobs – desktops, software, applications, and more – via an internet connection. While the definitions for the various RDP-based solutions are similar – and not always consistent from vendor to vendor – the following provides a general description of each: 

• Remote Desktop Services (RDS) refers to a server-based platform that lets users share desktop environments between one Windows computer and another over the Internet. Once logged into the RDS-hosted PC environment, your users can access the same local resources they would on their own PCs. RDS can be configured so only certain applications are available to remote users.

Typically, the machine that hosts RDS runs in the same physical location — such as the same office building — as the computers from which users access the remote desktop environments. It is also possible, however, to install RDS on a server running in the cloud and share desktops from the cloud.

• Virtual Desktop Infrastructure (VDI) deploys a desktop operating system from a virtual machine sitting in a data center. VDI deployments used a single-tenant model with resources dedicated to a single user or organization, so it’s easier to ensure that only authorized users can access data. You specify exactly which tools can be used, how systems are monitored, where data is stored, and who has access.

Hardware, software, licensing, deployment, and ongoing maintenance and patching are all handled in-house. However, there is the option of a hosted VDI solution, in which a cloud services provider (CSP) owns and manages the underlying infrastructure. You retain complete control over the VDI environments.

• DaaS: Rather than hosting desktops in an on-premises data center, DaaS uses a cloud-based backend and is provided by a CSP. All that is required for end-user access is the internet and web browser. DaaS is similar to VDI but is hosted in the cloud and shifts the management of the hardware of the CSP.  

DaaS solutions are typically subscription-based and charged by the seat. This cost model makes it easier to dynamically scale operations and ensures that you’re only paying for the resources you’re actively using. The infrastructure is managed by the vendor, so your IT team isn’t responsible for maintenance or management. The provider handles hardware monitoring, upgrades, availability, and troubleshooting. You also get access to technical support from your provider. However, the management of the applications, data, and security still requires your internal IT resources.

• WaaS: WaaS solutions are considered “business-ready.” They deliver a true virtual workspace with everything end-users need to do whatever they’d do on their desktop in an on-premises work environment. That includes the work desktop and OS (similar to DaaS) but with the anti-virus protection, supporting apps, data storage, data backup, etc.  

Because WaaS provides the full package, including a virtual desktop in a cloud environment and all the necessary features to run your business, it offers more value for the per-seat cost. You determine which apps to make available, set the policies for user access, and can add and delete users as needed. A CSP powers all backend services, including managed backup and remote monitoring.

 

Connectivity

Employees who work remotely ─ whether from home, the airport, or their local coffee shop ─ will be dependent on the internet service at that location. Applications for things like video conferencing and scientific modeling are bandwidth-intensive, and a slow connection can hamper productivity. Identify the applications your employees need to do their jobs and the bandwidth requirements of those apps that are necessary to deliver an optimal user experience. Provide guidelines around minimum network bandwidth for remote workers and ensure that these guidelines are clearly communicated.

You’ll also need to confirm that your network infrastructure has the capacity to accommodate increased remote workers. There are several considerations for determining how much network throughput will be needed:

• How many employees do you have in the company and what is the differential between those working remotely before, now, and in the near future?
• How will your employees gain access to the network – VPN? A DaaS or WaaS solution?
• What costs will be associated with more bandwidth and cloud service costs?
• Does your internet service provider (ISP) allow for temporary increases over the configured bandwidth to cover any temporary traffic increases?
• What kinds of service distancing can be implemented so that current resources won’t get overwhelmed? Usage guidelines may be required to manage bandwidth, including staggered working intervals, keeping employees off the network when not necessary, using audio rather than video conferencing, and limiting access to non-critical services.

Next Steps

If your organization is interested in implementing technologies to enable remote work or build upon what you already have in place, US Signal can help. Call (866) 274-4625 or email [email protected].  Or download this Remote Workforce Checklist to help determine the various services and technologies you may need.