You are here

Rolling Out Remote Access

Plan properly to prevent provisioning and troubleshooting woes.

Plan properly to prevent provisioning and troubleshooting woes.

The average employee who commutes five days a week disperses eight tons of pollutants into the environment each year, according to research from the Telework exchange.

Getty Images

With gas prices still volatile, telework remains an important part of government cost-cutting strategy. Remote workers don’t necessarily need permanent office space, and environmental gains make the outlay easy to justify. Here’s how to maximize your telework investment.

Match the Tool to the Job

Not all applications are equal, and you’ll want to consider bandwidth requirements carefully before giving your blessing to a specific remote access method. Even with high-speed connections, running a 2.4-megabyte executable from a mapped network drive to use an Access database will be an exercise in frustration. And Win32 fat clients are a beast to manage remotely.

A knowledge worker who uses his own PC raises the issue of remote desktop support. Internet access is preferable to your IT group taking on the risk and burden of supporting Win32 on other users’ gear. If you’re serious about remote access, now would be a good time to build a requirement for native web clients into your enterprise software RFPs.

If you can’t immediately switch to native web clients, consider solutions that require less desktop support, such as Terminal Server or GoToMyPC. New technologies such as bandwidth optimizers may also be a stopgap measure to deal with legacy fat clients.

Be open to new technologies, such as Google Apps, which neatly and quickly provision users. Be wary of unencrypted Web-based Distributed Authoring and Versioning (WebDAV) filestores, but don’t exercise your powers of random denial — if a service offers an encrypted enterprise version, steer users there instead of to the basic service.

Watch Out for Notebook Users

Notebooks that leave your organization present their own challenges. You’ll need to ensure that virus and patch updates go through even if the user doesn’t connect through your virtual private network. Another factor to consider: Local network settings (static proxy configurations) might not work once a notebook is plugged into a home network. These issues can be addressed through a variety of mechanisms. Make sure your desktop support team is talking to the infrastructure team; enact policies that spell out ownership and acceptable use; and consider using endpoint security agents and two-factor authentication.

Buddy Up With HR

You’re probably not aware of all the convoluted labor regulations that apply to state and local organizations, so get help from human resources before rolling out remote access. They can save your organization from incurring unanticipated overtime expenses and legal exposure.

Make Policy Part of the Plan

Even the most secure technologies can be foiled by a user who leaves her key fob with her unattended notebook at a cybercafé. Part of your discussion with HR should be about how training and consequences are built into remote access policies. Are users required to attend 30 minutes of training before they’re provisioned? Are they required to sign off on a document that clearly spells out expectations and consequences for failing to follow policy? Each organization is different, but your users’ security savvy will depend on your security technology program.

Apr 03 2009

Comments