The rise in teleworking is well documented. A Gartner Group study predicts more than 137 million workers worldwide will be involved in some sort of remote work by 2003. Also accelerating the distributed organization is the rapid adoption of affordable, widely available broadband Internet access. Internet users with broadband access will triple from 7% to 21% to 25 million users by 2003 and VPN expenditures will increase 529% by 2004 (Infonetics Research). Last year a government Labour Force Survey* showed that as much as 6% of the UK working population, equivalent to 1.5 million people, work for their employer or client via a remote link.
Yet security remains an issue. A joint report from the DTI and PricewaterhouseCoopers released earlier this year shows 44% of UK businesses suffered at least one malicious security breach in the past year. Many in the industry fear that the move towards teleworking and the corresponding change of the enterprise network from a closed, protected architecture to an open, Internet-based system leaves a lot of questions unanswered.
For example, how can companies prevent non-secure home networks from compromising their corporate networks? What can be done to protect remote workers against the constant threat of new viruses and worms? What is the best way to expand the telecommuting network without opening new security holes? How can they successfully manage a diversified, constantly changing telecommuting workforce? Finally, and perhaps most important of all, How do companies retain control over a network of widely distributed remote access points?
The common practice against unwanted Internet access has been to fortify the enterprise network’s main entrances against hackers. High-end security solutions are now in place at the main entrances to the enterprise network. But that is not enough. Although the front door may be fortified and monitored, the distributed enterprise faces a growing number of other network entrances from remote offices and workers. These remote sites often lack the enterprise class security and remote access protections found at larger sites. Not only do they place their own data and applications availability at risk, they also provide an unguarded “back door” into the headquarters network. Protecting remote offices and workers connected to the enterprise network requires the same security measures used protect the main entrance. But the high cost and complexity of these security solutions makes it inappropriate to deploy them at these locations.
With the arrival of affordable broadband Internet connections and standards based Virtual Private Networks (VPNs), communications links can be done quickly, cheaply, and safely across the world. VPNs can be used to connect mobile users using dial-up Internet connections, link two LANs together via the Internet, allow remote offices and users to securely access internal TCP/IP applications running on the corporate intranet and enable secure access to the corporate extranet for vendors, partners, and customers.
VPNs are generally perceived to be 100% impervious. However, the vast majority of existing VPN solutions on the market today do not make allowances for the fact that remote workers may themselves be on a small family network. This means the network activities of other family members could inadvertently leave the VPN tunnel open to unwelcome visitors.