For the last few years, the concept of homeworking has gradually inched its way from being an occasional option taken by a small selection of workers to a more mainstream strategy. As technology has advanced, more organisations have explored the use of homeworking as part of their standard operations.
Now, after several months of government mandated lockdowns created to fight the COVID-19 pandemic, organisations have been forced to take the plunge and adopt a fully remote workforce if they want to remain operational.
The latest ONS figures indicate that 49 percent of employees in the UK worked from home in the week leading up to the 14th of June. By comparison, just 5.2 percent of the UK workforce regularly worked from home in 2019.
Millions of workers now working from home had never done so before the pandemic and, even for the businesses with homeworking provisions in place, the sudden transition to a fully remote workforce was a big leap. As a result, many companies have been forced to make do with untested or outdated remote strategies that can impact both security and performance.
The challenges of a stopgap remote strategy
Traditional VPNs are one of the most common provisions among organisations that had only planned to support remote working as an occasional option for a limited number of staff. Employees will connect to a VPN concentrator to remotely access the network, usually via a data centre.
While this set up will generally work well for the envisaged small number of connections, it can present several problems when applied to the much larger scope demanded by the lockdown.
Because all traffic is dragged back to the data centre, it is common to find legacy VPNs suffering from performance degradation. Employees accessing resources remotely through the VPN are likely to encounter significant slowdown, which can drastically impact their productivity. This can be an even greater problem if the VPN software has not been designed to integrate well across multiple different devices and operating systems.
Performance issues can also quickly become security issues, as frustrated workers will look for workarounds that fall outside the VPN’s secure connection. There are several other factors that can increase the company’s exposure to cyber risks as well. In the rush to get the remote workforce operational, companies are often reluctant to begin changing and updating software on older solutions in case it breaks or disrupts something.
The risk of cyber threats
These missed updates often include important security fixes, meaning the VPNs may be running with vulnerabilities known to the cyber criminal community. This issue is exacerbated by the fact that several different pieces of software are usually used to coordinate everything, meaning more moving parts and more potential security gaps to be exploited. Likewise, there is often no provision for segmentation or visibility into the applications being run, hampering the security and IT teams.
Scalability is another drawback, as setting up older VPNs tends to be fairly resource heavy and inflexible. Getting a single VPN up and running for an employee can take IT personnel 30-60 minutes, and while this is not a lot of time as a one off, it becomes a colossal undertaking if the company’s workforce numbers are in the hundreds or thousands. As well as manpower, scaling up also means more hardware and software licenses, adding further cost.
Preparing for the future
While many organisations have struggled with this forced experiment into remote working, for the most part businesses have been able to hold it together at least over the last few weeks. However, even as lockdowns across the world begin to ease, remote working will still be a fixture for weeks and months ahead.
We anticipate some drastic changes to the world of work as companies re-evaluate their use of traditional workspaces. With this in mind, organisations that have managed to scrape by on ill-suited and outdated remote working set-ups need to take the opportunity to adapt their operations with a more long-term strategy.
Central to achieving this is leaving the old legacy VPNs behind and taking on an entirely cloud-based SaaS (Software as a Service) approach such as SD-WAN (software-defined Wide Area Network). This immediately solves the scalability problem as there will be no infrastructure costs or drain on IT personnel.
Further, with a flexible SaaS contract it will be possible to add as many users as needed at the time, and scale back again if circumstances change and more of the workforce heads back to the office. This is a particularly valuable feature as organisations bring workers out of furlough and face uncertain levels of demand.
Getting connectivity up to speed
Organisations should also ensure that their chosen solution has a high level of interoperability. The virtual architecture needs to be fully compatible with the company’s full range of devices, regardless of operating system. This should also account for the myriad mobile devices used by homeworking employees following BYOD strategies.
With the right solution, it is also possible to overcome the common performance and connection speed problems present in older VPN solutions. If the virtual architecture is hosted through cloud gateways located around the world rather than a single potentially distant data centre, users can continue to experience high connection speeds regardless of their location.
It is even possible to further enhance performance by prioritising particular applications on particular devices. For example, if the sales team is making heavy use of Zoom for calling prospects from home, the application can be given higher priority for network traffic to ensure consistent quality.
Finally, from a security perspective SD-WAN will reduce operational complexity, providing a single point of control for the entire network. This will make it far easier for CISOs and their teams to gain
full visibility of all activity across the virtual network and mitigate the risk of outdated patches and security gaps that can be exploited by threat actors.
While remote working has been the exception for a small but growing number of companies, the COVID-19 lockdown has accelerated developments and reversed the situation. While many companies are re-opening their offices, remote working is likely here to stay. Those organisations that take the opportunity to revamp their remote working capabilities now will be the ones best placed to field a secure and efficient remote workforce in the years ahead.