Creating a safe and secure connection between corporate networks and remote workers
How do you set up remote office work as quickly and efficiently as possible while keeping it safe? How do you let people work as if they were in the office when they are not? We can definitely say there is no single common way. It all depends on a number of factors that must be considered:
– Set the goal: what kind of work should employees perform remotely (that is, at home)? Reading mail, or full access to corporate information? Make this decision deliberately, not in a panic in a matter of minutes, and always leave yourself some capacity in reserve.
– Consider the company size or the number of employees who need to be transferred to remote work.
– Can existing hardware be used, or is it possible to purchase equipment and network resources that match the number of people and the goals? Don't overdo it here. There are complete hardware systems, but they are not always in demand in small organizations, because they are aimed at large enterprises and, as a result, cost a lot. Let us look at this in more detail.
We recommend choosing Virtual Private Network (VPN) technology. It lets you create a secure connection across a potentially dangerous segment of a public network, such as the Internet, and is one of the most common solutions. In simple terms, the VPN client on the remote computer or mobile device connects to the VPN gateway of the company's network, which authenticates and authorizes the user using a key or a login and password; as a rule, both. After successfully completing this procedure, the user gets access to internal network resources (file server, databases, printers, and others) as if connected to the local network.
To protect remote access, the IPsec or SSL protocols are most commonly used. They are not interchangeable and can operate both separately and in parallel, and each determines the functional features of the VPN built on it. SSL is more focused on providing a secure connection to a single application (for example, SharePoint or email) than to the entire internal network. For a full-featured permanent connection to the corporate network, we recommend choosing the IPsec protocol.
What should you do, and which type of VPN should you choose?
– VPN in routers – there are lots of cheap solutions on the market. Almost any router has a built-in VPN server. Usually this amounts to a simple on/off switch and a way to add user logins and passwords, sometimes with integration with a RADIUS server. We do not recommend considering such a solution. First of all, you need to think about your safety and the continuity of the service. Such equipment cannot offer an appropriate level of protection, and its reliability leaves much to be desired.
– OpenVPN – we recommend using this type of VPN only for small companies or projects of up to 15 people. For such companies it does not make sense to purchase professional network equipment, because the load is small. The main advantage of this out-of-the-box solution is that it works on all platforms. You can purchase a device and configure it, and with special software make it capable of building an OpenVPN tunnel. The disadvantage is that OpenVPN cannot withstand a serious load: on the server side, traffic is encrypted and transmitted using ordinary server resources rather than specialized equipment.
– Microsoft VPN – Microsoft offers a free solution for those whose entire infrastructure is built on its products. In simple cases, the setup does not cause difficulties even for a novice system administrator. Keep in mind that building a more complex system means delving deeper into the settings, and the cost will certainly grow along with the complexity of maintaining the solution. Nevertheless, this solution is not without advantages.
– Enterprise-class VPN – high-end network equipment from Juniper, Cisco and Check Point: all of them have comprehensive solutions, which also include a VPN service. Keep in mind that this solution has a higher cost. An annual fee is required, and if you do not pay the annual support fees, do not count on security updates. The main advantages are that the level of security of the transmitted data is very high, the server itself is protected, and the reliability of the solution is ensured by redundancy technologies.
Which type of VPN connection to choose is your decision. We can only give you our vision and recommendations.
Verify VPN Security
Regardless of which type of VPN you choose, to ensure a high level of security, you must perform a mandatory check. The VPN service that listens for incoming connections must correctly verify the credentials provided by the user. It is not enough to simply verify the username and password; to increase reliability, it is necessary to use security certificates. A sound password policy is also required (complexity, storage periods, automatic generation, etc.). Together with the certificate, these measures will exclude password-guessing attacks and break-ins.
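One way to run this mandatory check on an OpenVPN server, as an added example that is not part of the original article: the script reads a server configuration and reports when either the client certificate or the username/password check is missing. The sample configurations and file paths are constructed, and treating any `plugin` line as an authentication plugin is a simplifying assumption.

```python
# Added example (not from the article): checks an OpenVPN server config for
# the rule above: a client certificate AND a username/password are required.
# Sample configs and file paths below are constructed for illustration.

def parse_directives(text):
    """Map each directive to the argument list of its last occurrence."""
    directives = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith(";"):
            continue
        name, *args = line.split()
        directives[name.lstrip("-")] = args
    return directives

def audit(text):
    """Return a list of findings; an empty list means both factors are enforced."""
    d = parse_directives(text)
    findings = []
    # OpenVPN requires a client certificate unless the config relaxes it.
    mode = (d.get("verify-client-cert") or ["require"])[0]
    if mode in ("none", "optional") or "client-cert-not-required" in d:
        findings.append("client certificate not enforced: password-only login")
    # Simplification: any plugin line is assumed to be an auth plugin (e.g. PAM).
    if "auth-user-pass-verify" not in d and "plugin" not in d:
        findings.append("no username/password check: certificate-only login")
    if "crl-verify" not in d:
        findings.append("no crl-verify: revoked certificates are still accepted")
    return findings

COMMON = """
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
script-security 2
auth-user-pass-verify /etc/openvpn/check_user.sh via-file
"""
WEAK = COMMON + "verify-client-cert none\nusername-as-common-name\n"
HARDENED = COMMON + "verify-client-cert require\ncrl-verify /etc/openvpn/crl.pem\n"

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(cfg) or "OK: certificate and password both required")
```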
Take into account basic VPN benefits
– Scalability of the system. When adding new employees or opening a new office/branch in the future, there is no special additional cost for communication.
– System flexibility. For a VPN, it doesn't matter where you connect from. An individual employee can send mail from a corporate mailbox or access corporate data while working from home. It is also possible to use so-called mobile offices, which are not tied to a specific location.
– It follows from the above that an employee's workplace can be set up without geographic limits, which is almost impossible when using a private network.
In general, this is all we wanted to share with you. We presented the information rather briefly, but the purpose of the article is to show possible solutions, since not a single article can be devoted to a specific implementation. We are ready to give more information and answer questions of interest.
Do not wait any longer: configure secure remote access, and stay healthy.