What Should I Know About Working Remotely Over a VPN?

What Should I Know About Working Remotely Over a VPN?

The coronavirus pandemic has caused an almost certainly permanent transformation in the way knowledge workers will carry out their jobs. Major tech companies like Facebook and Twitter have announced that they aren’t expecting any of their employees to return to traditional offices if they don’t want to -- and many small and medium businesses will likely follow suit.

But enabling your entire workforce to work from wherever they want isn’t as simple as setting up a VPN and getting everyone connected. While this approach may work on a temporary or occasional basis, a permanent shift to a partially or completely remote workforce requires a comprehensive business and technical strategy.

Understanding VPN Technology and Limitations

VPN stands for “virtual private network”. A VPN is an encrypted, secure tunnel that runs over a second, insecure network (usually the Internet). Anything inside the VPN tunnel is protected from snooping by anyone “listening in” on the public network.

Additionally, remote devices connected to the VPN behave as if they’re plugged in to the local network, allowing direct connections to internal network resources like file servers, Intranet sites, database servers, and even printers.

But there are some important differences between a VPN connection and a local network connection that can affect your design decisions and the performance of different applications.

First, the VPN connection is subject to the effects of network conditions between the remote device and the VPN server. If the user has a good, stable internet connection with plenty of bandwidth and low latency, then this usually isn’t a big issue. But there is huge variation in home internet speeds and connection types. Additionally, other people in the home streaming video, playing online games, or using their own VPN connections can max out a home connection, causing issues on the VPN.

Second, the VPN itself introduces some overhead, which affects both bandwidth and latency. The process of encrypting and decrypting every single packet that crosses the VPN can introduce additional latency and reduces the maximum VPN speed to a percentage of the total available bandwidth on the network connection.

Both of these factors need to be taken into consideration when choosing a VPN protocol to offer. There are many VPN protocols, including IKE, IPsec, OpenVPN (TCP and UDP flavors), and SSL. Each one of these offers different features in terms of overhead, required processing power, and latency and bandwidth tolerance.

These factors also need to be considered when deciding which services can be offered over the VPN. Different communication protocols have different tolerances when it comes to the additional latency introduced by a VPN. For example, HTTP(S) is very tolerant of high latencies by its design as a stateless protocol. So many applications now use HTTP-based APIs, such as REST, to take advantage of this. But many line-of-business applications depend on less tolerant protocols like SMB (file sharing) and direct SQL database connections. So you’ll need to know how your critical applications communicate with your servers, and what kind of performance you can expect depending on network conditions. This isn’t to say that these apps won’t work at all, but they will be more sensitive to poor-quality home internet connections and overloaded VPNs.

Moving Beyond the VPN - Optimizing for a Remote Workforce

While setting up a VPN can quickly get your remote workforce online, a truly location-independent business will need to look beyond the confines of the traditional internal network. Online or cloud-based services can simplify configuration and provide you with a set of tools that are already optimized for a variety of real-world network conditions.

While your company may depend on a particular line-of-business app for its operations, now is as good a time as any to start looking for alternatives that can more readily enable you to support workers wherever they are located.

Of course, setting up cloud services isn’t 100% foolproof. They still need to be configured, supported, and secured just like any internal service. Additionally, most cloud services charge a per-user-per-month subscription fee, which can add up quickly. These fees need to be compared with the TCO of providing an equivalent service in-house. This includes things like server hardware, Windows licensing, human resource costs, and others. Additionally, the business impact of implementing a new system needs to be weighed against the potential improvements of adopting a more suitable cloud-based solution.

There is no one answer or solution that will fit every company in every case, so weighing the options carefully will help you to make the decision that is right for your business. You shouldn’t move to “the cloud” just because that’s what everyone else is doing -- but at the same time, you shouldn’t continue using a legacy application just to maintain the status quo.

Having a trusted partner to help explain things and make comparisons can make the process easier. E-N Computers helps SMBs to leverage IT as a strategic asset, not a confusing liability. We can help you to decide how best to serve your remote workforce, either with a secure VPN solution or a move to the cloud. Contact us for a free consultation today.