In recent weeks, many companies have set up home office workstations for their employees out of necessity. The focus was on making it possible to work from home as quickly as possible. Sometimes even with the help of BYOD solutions, which are rightly considered out of the question from a security point of view. But what does a suitable home office look like, and what should be considered when connecting it to the company’s IT? What does the central IT infrastructure have to be able to do?
This question becomes urgent as more and more employees are getting to know the advantages of alternative forms of work in these weeks. You won’t want to give it up anymore. According to a recent survey, 60 per cent of employees would like to work from home in some cases, even after Corona. Therein lies an opportunity. Companies should now create the basis for fundamentally enabling the home office. In this way, you benefit from the advantages that flexible working brings with it.
Table of Contents
Light At The End Of The VPN Tunnel? Requirements For The Head Office
With the standard solution for the home office, an employee connects to the company network using a company laptop via a VPN client installed there. Such a client can be installed quickly. This type of connection has paved the way for many companies into the home office at low cost in the last few weeks—the only requirement at home: a sufficiently powerful internet connection.
In practice, this means that the head office can technically support all employee sessions with acceptable performance. But every VPN tunnel needs a remote station in the company. On the one hand, the number of VPN licenses is a limiting factor. On the other hand, the performance of the VPN router or – in larger companies – VPN gateways in which the VPN connections from the home offices converge.
IT was previously designed to provide the necessary computing power and bandwidth at company headquarters and branches in most companies. With the outsourcing of jobs to home offices, this strategy must be adapted. Often this means upgrading existing routers or gateways or purchasing more powerful hardware: Many small companies are well served with devices that allow up to 25 simultaneous VPN connections. In the enterprise area, gateways with a capacity of several thousand connections are quickly used.
The company’s Internet connection may also have to be re-dimensioned. In addition to normal data traffic, the VPN tunnels for employees in the home office now come into play. Here, IT administrators have to keep an eye on the wide variety of possible applications to estimate the need.
A 1 Gbit line can reach its limits if 50 outsourced employees also participate in a video conference in 4K quality. Several lines from different providers should also be combined for reasons of failure safety. It is also advisable to have “room for improvement” in terms of capacity in the event of peak loads or to ensure future growth.
Branch offices are also part of these considerations. For smaller branches, it is advisable to install a central VPN router on site instead of several VPN clients, which connects the PCs and laptops with the major company IT. Incidentally, this also offers a significant plus in options.
Home Sweet Home Only With Sufficient Bandwidth
Just as the routers and cables in the head office have to be analyzed and, if necessary, expanded, this also applies to the home offices: The employees have to test the performance of their home connection. A DSL connection at the home office location should at least be available. Where this is not the case, the employee can switch to a cellular connection.
The problem with using DSL connections is asymmetrical: their downstream performance is usually many times higher than the upstream performance. In other words, downloading a file from a server or website is faster than uploading it. This can create problems for services that rely on synchronous transmissions, such as video and audio calls. The only thing that helps is a corresponding increase in bandwidth.
The Company’s Router Guarantees QoS
If several employees in the family work from home or the children do tele-lessons, it must also be ensured that the necessary bandwidth is available for time-critical applications. However, to guarantee the quality of service (QoS) for other end devices in the household, this must be regulated via the router itself. Ideally, a VPN router provided by the company can be configured centrally by its IT at home via SD-WAN (software-defined networking).
The VPN client can prioritize the data streams on the end device. This has the advantage that the home office device does not have to set up a new VPN session with each restart. It is also possible to use a physical telephone instead of the widespread headset connected to the laptop.
Strengthened And More Flexible Out Of The Crisis
At the beginning of the year, nobody would have thought the introduction of home offices on this scale and speed would be possible. Companies that use this starting shot to digitize the office will cope better with upcoming exceptional situations. You also have an advantage when normality returns and employee motivation, teamwork and productivity become the key indicators of our work again.
Suppose companies now ensure that the new world of work offers adequate IT performance and is technically protected against attacks. In that case, they will prevent the current crisis from triggering avoidable future security incidents.