Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Remote Control

Being able to reach employees around the clock is tempting for employers; for employees, being able to access work systems from home suggests better work-life balance. But for CIOs, there are significant technical and management challenges to be faced first.
Page:

Google should shoulder some responsibility for remote access to corporate information systems. Its Internet engines suggest it is possible to access anything anywhere anytime. If Google can do it, executives argue, why not rip down the walls on corporate information systems and let employees access them anytime anywhere too?

A growing gaggle of businesses are doing precisely that. Australian Bureau of Statistics (ABS) figures show that 24 percent of employees now do some work from home, and recent research from Unisys and the State Chamber of Commerce shows that two in three businesses have employees who telecommute at least occasionally - that is up 36 percent on last year, and 60 percent on 2004.

For CIOs, this rising tide of demand requires technical savvy coupled with careful attention to usage policies and procedures. It is no good letting someone work from home if the business gets slapped with an occupational health and safety suit or is hauled over the coals for privacy lapses.

Businesses that do permit remote access have to ensure secure and appropriate access to applications and data; they have to be assured that the person logging on is who they say they are, that the remote computer set-up remains in synch with the core systems and cannot crash the core, and that remote employees are not downloading data onto memory sticks or burning CD-ROMs inappropriately.

And how do you make sure that the home worker is following occupational health and safety guidelines rather than lounging on the floor and generating a workers' comp case in waiting? How do you schedule necessary maintenance if employees want round-the-clock access? How do you support and service remote computers and their users? How do you ensure long-term telecommuters remain productive, motivated and in touch if they are rarely in the office? How do you make sure that the employee going over the big deal on a computer in an Internet cafe is not being watched by an industry rival sitting at the next station?

Stephen Arnold, CIO of Ernst & Young, is an old hand at offering remote access. Some 90 percent of Ernst & Young's PC population is laptop - about 4000 machines. "We have been geared to mobility and to allow people to connect remotely for a long time," Arnold says. Early in the 1990s the laptops were stand-alone, with modems added as they became available. "Now we are more reliant on Internet-type technologies, largely because our clients have digital or VoIP telecommunications," he explains. "There is no facility for analog dial-up, so we use the Internet to connect or wireless connection." He is currently wireless-enabling the entire fleet of laptops.

Arnold says two of the most important elements of a successful remote access program are, first, to ensure that all users are fully trained, know how to connect remotely and properly use their applications, and second, that proper security measures are in place.

For Ernst & Young that means encrypting all data on the laptops and the virtual private network sessions established once a user dials into the Ernst & Young network (using an RSA token for more secure access). Although the firm looked at thumbprint access nine months ago, the biometric technology was deemed too immature and too expensive. However, Arnold says his firm will definitely look at it again. "We want to make it as easy as we can for our users."

Unlike some corporations that provide screen-scraped access to applications, Ernst & Young loads the application onto each laptop. "That's because connectivity can be problematic on occasion," Arnold says. "If you are on a plane or at a mine site, for example, you need to make the employee self-sufficient." Each day when the PC is connected to the corporate network the data on it is backed up centrally to protect against a crash or machine theft.

Usage policies are clear that the firm's laptops are only intended for employees' use, and no unauthorized software is to be loaded onto them. Arnold acknowledges though that it can be tricky to ensure that data on the laptops is always used appropriately. "It can be difficult to protect the data. You have to limit the things that people do. Every time you stick in the memory stick our policy appears on the screen. We are now working on something so that every time you burn a CD or store data onto a memory stick that will be encrypted as well."

Encrypting memory sticks, or USBs, is something that Gilbert + Tobin CIO Mike Solomon has also been asked to look into. Often used in client meetings to share documents, USBs, which can store up to a gigabyte of data, have become hugely popular - but also a headache to manage.

Page:

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: ABS, Australian Bureau of Statistics, BlackBerry, Citrix, Clayton Utz, Ernst & Young, Ernst & Young, Forrester Research, Gigabyte, Google, Hewlett-Packard, HIS Limited, HP, OAMPS, RSA, Skype, Solomon, Unisys, VIA, Virtual Office

Comments

1

Cindy Stiltner

Tue 21/09/2010 - 05:00

Remote Control Software is certainly a huge issue for the IT professional these days. Any suggestions on where to turn for a medium sized network?

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Look both ways - Protecting your data with content inspection
    Today’s threat environment is as dynamic as the business world in which we operate. As the communications channels we use continue to proliferate and evolve, so too have the vulnerabilities. Finding the right balance between ensuring the security of sensitive data, enabling the free flow of information and making full use of the latest web-based technologies can be a challenge. Deep content inspection is a vital layer in any unified information security strategy, helping organisations to take control over their information assets while proactively protecting against malware and data leakage. Read on.
    Learn more »
  • Blurring boundaries: The disappearing gap between work and home life
    Call it multi-tasking, life-splicing or bleisure but increasingly, fuelled by advances in technology, employees are blurring the boundaries between home and work. ‘Generation Standby’ employees, never truly ‘switched off’ and always ready to be called upon, are now enjoying, and expecting, greater levels of flexibility and mobility than ever before. Read on.
    Learn more »
  • Best Practices for Energy Efficient Storage Operations Version 1.0
    The energy required to support data center IT operations is becoming a central concern worldwide. For some data centers, additional energy supply is simply not available, either due to finite power generation capacity in certain regions or the inability of the power distribution grid to accommodate more lines. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.

HP and IDG news, product videos and resources