Remote Access Offers Complexity, Security Issues for IT

Remote access is becoming more popular, more complex and more risk-prone, necessitating that IT shops become more aware of the issues involved.

Once upon a time, remote access wasn't a pressing concern for most IT administrators. A combination of on-premises servers, desktops and phones met the needs of workers commuting to a central office from home.

But as with nearly everything in the world of enterprise IT, technology evolved to the point at which this centralized model no longer applied to most businesses. More workers began telecommuting, sometimes from a continent away, while road warriors made a culture of rarely visiting the home office. With a VPN and a corporate-issued laptop, these employees could interface with their company's network. For IT administrators, remote access became a larger and more complicated task.

Even that model, however, looks simplistic and antiquated to the one looming over the enterprise landscape. With more employees clamoring for tablets and smartphones-and wanting their IT departments to integrate their personal devices into the corporate network-the task of offering secure, simple, remote access threatens to become a monumental challenge for IT pros at every level.

Nonetheless, for both SMBs (small- to midsize businesses) and the enterprise, the advantages of ubiquitous remote access are multiple. Those solutions, in conjunction with the cloud, can make remote workers more flexible while lowering an organization's costs. "The ability to pay as you go is a big plus," said Mike Pugh, vice president of marketing for J2 Global Communications, which offers businesses a variety of communications services, such as e-mail and unified messaging. "If it works, businesses can keep it and ramp it up, or else round it down."

"On the enterprise side, you get the ability to work it within the enterprise environment," he added. "For smaller companies, the ability to adopt what you please is somewhat easier."

That appeal could be driving what industry experts see as a noted uptick in the number of businesses gravitating toward remote-access solutions.

"Over the past six months to a year, it has become really wild," said Martin Hack, executive vice president of NCP Engineering, whose products include a centrally managed VPN solution and personal firewall. "The demands of users have increased dramatically, in terms of people wanting to connect anytime, anywhere."

But the explosive growth of iPad and Android-based devices also caught some IT pros by surprise. "They had a VPN gateway somewhere, and now these users are coming out of the woodwork and saying they want to connect," Hack said. "It became very evident that people were not prepared for it at all, and now they're dealing with the aftermath: endpoint security is basically non-existent."

In addition to security issues, the latest remote-access model threatens to swamp IT administrators, and possibly workers, in a rising tide of complexity. On the backend, much of this complexity is due to the need to introduce four or five different applications or platforms in order to enact a single solution: a server from one vendor, say, running software from another, meant to deliver applications or services to a variety of devices built by yet other manufacturers. Adopting a cloud service can alleviate some of this unnecessary intricacy, but many companies remain bound to on-premises or hybridized legacy systems.

Fortunately, tech companies have been working on ways to alleviate those issues, even beyond making sure their VPN is secure and warning employees about clicking on possible malware links.

"IT administrators care about data at the end machine," Tom Quillin, Intel's director of security technology and initiatives, told eWEEK. "That means data encryption. In 2011, really, every machine ought to be taking advantage of data encryption. Our policy is that every primary end-user machine must have data encryption."

In previous years, data encryption was liable to drag down a machine's performance in significant ways. Helping alleviate that issue are newer and faster processors, including Intel's, the latest versions of which have the mathematics of the encryption operations built into the processor instructions.

Another security issue revolves around introducing a streamlined and reliable method of end-user authentication into a network. To that end, companies such as Intel have focused in recent quarters on developing anti-theft technology that can remotely wipe a smartphone or render a laptop totally unusable.

On top of that, new hardware is introducing an additional security factor into the password process. Intel Identity Protection Technology embeds a token that creates a six-digit number, valid for 30 seconds, that acts as a second password. Hewlett-Packard's new EliteBook p-series includes a fingerprint reader and proprietary face-recognition software that scans the user's features via the Webcam. Other dual-factor password systems require the user carry a token or key-fob that generates a new secondary code every few seconds or minutes.