During the current coronavirus crisis countless businesses are asking people to work from home, but in the mad dash to enable remote working the usual due diligence processes may go out the window so here are a few things to consider and some mitigation measures to reduce the cost and risks of enabling colleagues to work from home.
Although many applications are moving online there are still plenty of core line of business applications that are run on the corporate network. Database applications with software that needs to run on desktop PCs rather than in a browser. One of the traditional ways of accessing these applications remotely is a VPN solution, basically enabling a direct but encrypted connection from remote users PCs to the corporate network via the Internet.
Risks of VPN solutions
In many corporate environments the user’s desktop PCs are subject to a level of management, from a completely locked down fully managed environment to at least an element of control over patching and anti-virus. However, when businesses open up their network to user’s home PCs via a VPN then that discipline may go out the window. There is no control over whether the users home PC has current Windows updates, has an up to date anti-virus subscription, or even a decent firewall. Home PCs are often at the mercy of the user’s children who can and will be installing anything and everything. Once connected over a VPN any malware on the user’s home PC has an easy route to the corporate network and precious data.
What about Remote Desktop Gateways
A remote desktop solution via a gateway is a much better way of connecting to your corporate network. Users connect using remote desktop gateways rather than VPNs and use remote desktop clients to remotely control computers on the corporate network, greatly reducing the risk of malware spreading to corporate servers and data.
The standard approach is to provide remote desktop “servers” on the corporate network which enable multiple users to connect to them at once and run their business applications. Trying to connect to user’s individual office PCs isn’t advised as they may be switched off, and will consume a lot more power than a small number of servers.
Setting up a remote desktop server solution from scratch requires some specific skills as well as several new servers, software licences and SSL certificates to encrypt data as it passes over the internet. There is a fairly hefty upfront investment required for this type of solution, especially as you have to plan for peak usage, but your requirements may decrease during these uncertain times. See later in this article for more flexible solutions.
One of the more significant costs of a home-grown remote desktop solution is the one-off purchases of Microsoft Remote Desktop Services (RDS) Client Access Licences (CALs). You could be paying up to £186 for a single RDS CAL direct from Microsoft. You also need Windows Server CALs for each user. You may already have these as part of your existing Microsoft Licence agreement but it is important to check that these cover additional devices i.e. your users’ home PCs.
What about hosted remote desktops for home working
With a hosted remote desktop service (sometimes called hosted desktops) all the additional servers and licences are all taken care of by the provider. The line of business application is moved from servers on the business premises to servers hosted by the provider in their data centre. Other applications that may interact with the business application can also be hosted on the remote desktop. Anyone needing to work from home because of the risk of coronavirus (covid-19) can easily connect over the internet using PCs, Apple Macs, even Android and iOS devices.
As the provider will be licencing thousands of users there are huge economies of scale benefits, the cost of something like a Remote Desktop Services CAL can now be rented monthly at around £6.00 a month instead of a massive upfront payment. You could rent RDS CALs for between 12 and 18 months and still pay less than buying CALs outright.
Another advantage of the hosted remote desktop service is the flexibility of being able to increase and decrease user numbers as required. Look for a provider who doesn’t tie you in to a contract so that you can, if you want to, return to your on-premise server platform once this crisis blows over.
What applications can I run on a hosted remote desktop service?
Near enough any Windows desktop application can be run on a remote desktop service. If you need your team to work from home and to move your business systems to the cloud quickly then a hosted remote desktop service can get you up and running in a matter of a few days at most, a lot quicker than going out any buying new servers. .