When he's on deadline, Ed Cafasso often works at home to avoid interruption. When he does so, he relies on his company's virtual private network (VPN).
"The VPN gives me full access to all the documents we have on the server," said Cafasso, senior vice president of Morrissey & Company, a small Boston communications and reputation management firm. "I have the exact same capabilities at home as I would have sitting at my desk in the office."
Once considered so complex and expensive that only large enterprises could deploy them, VPNs are becoming a staple business tool for many small businesses. They foster communication when employees can't be in the office, help tie together remote offices and increase productivity.
Firewalls and Encryption
In simple terms, VPNs provide highly secure communications between remote users and a company's internal network over the notoriously insecure Internet. Without such security, it would be relatively easy for hackers to gain access to your company's data.
There are other types of secure connections, but none as cheap or flexible as a VPN, according to Michelle Drolet, president and CEO of CONQWEST, a Holliston, Mass.-based technology security firm specializing in small- and medium-sized businesses.
Drolet cited the example of one client who had been using a frame-relay connection, which is essentially a secure, dedicated telephone line used for data.
"They have a headquarters with about 25 people and between five and ten people in four remote offices," Drolet said. "They were paying $10,000 a month for frame relay."
They replaced the frame relay system with VPNs installed at the headquarters and at each of the remote offices, she said.
"The cost (of the VPNs) was about $7,000 and the maintenance agreement costs between $1,000 and $1,500 a year. They still need an Internet connection, but that costs less than $2,000 a month for a fast T1 line. We charged them about $3,500 to implement everything."
Put differently, the company will see a payback on their VPN investment in less than two months. "That's pretty good," Drolet commented.
Nuts and Bolts
There are two key parts to a VPN, according to Drolet.
"It all starts with a firewall," she said. A firewall sits at the perimeter of your internal network and prevents unauthorized access from outside. It uses a process called authentication to ensure that the person trying to get through the firewall is who he or she says they are. Since communicating with a network is a two-way street, you need a firewall at both ends of the communication, such as a remote user's laptop and your company's internal network.
The second part of a VPN encrypts data, sends it over the Internet and decrypts it at the receiving end. Encryption scrambles data so that hackers can't read it. The result, Drolet noted, is a secure tunnel through the Internet that hackers can't break into.
There are two basic ways to implement a VPN, Drolet said. The first is to deploy dedicated "appliances," or hardware that attaches to the network at both ends of the communications. In the case of her client, for instance, that meant a VPN appliance was installed in headquarters and in each of the remote offices. These appliances have built-in firewalls and encryption and decryption capabilities.
The other solution is to use software versions of firewalls and encryption, which are widely available and are inexpensive. In fact, Microsoft includes the VPN software free with Windows XP, which is what Cafasso's company deployed.
"There are pros and cons to each approach," Drolet said. "It depends on your business model."
In simple terms, the software-only approach costs less and is easier to deploy. A non-technical employee who enjoys technology deployed Morrissey & Company's VPN using Microsoft's software, according to Cafasso.
By contrast, appliances cost more and must be installed by information technology (IT) professionals, which further adds to the cost. However, IT professionals can manage the devices from a central location, determining who has access to the VPN and responding to attempted intrusions. Appliances also tend to provide faster access to the network.
"Software works fine if, say, you have an employee or two who works at home," Drolet said. "Hardware is better if you have a number of regional offices."
For either type of VPN, though, you need a fast Internet connection. In particular, employees working from home will need broadband connections. Accessing a company network with a modem connection is agonizingly slow and the encryption and decryption of a VPN slows things down even more.
The User Experience
While some VPN installations are technically complex to set up, using the VPN connection is simple.
"There's an icon on my desktop," Cafasso said. "I click on it and it establishes the connection. Then, I click on another icon that connects me to the company's server. The whole process takes maybe 10 or 12 seconds."
After that process is finished, what he sees on his computer screen at home is exactly what he would see at his desk in the office.
Cafasso said the VPN not only helps him be a more efficient employee, but it also helps with his personal life.
"It more than pays for itself in terms of the ability to respond to customer issues," he said. "It's impressive to clients that their communications firm responds to their needs whenever they arise. But it also helps in my personal life, if I have to be home to take care of my kids."
|Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!|