Remote Access for Small Business Networks - Orlando's Best IT Support and Managed Services Provider

Remote Access for Small Business Networks

Posted by Timothy Platt on Dec 6, 2017

How To Provide Remote Access for Small Business Networks

Today we’re going to talk about providing secure remote access to your business’ network. Why would you want to do this? To allow employees to work remotely – and to let them have access to the servers, applications, and file shares they use regularly. This is great not only for occasional use outside of the office, such as on the weekend, or when on business travel, but also for allowing remote employees, such as those in a branch office or other satellite location, to work effectively every single day. Lastly, you may have a special project or other need where a consultant or contractor requires temporary, secure access to your network. Being able to provide remote access can greatly decrease the need for travel (and physical space considerations), and therefore helps to reduce cost.

Ok, so remote access is helpful, and is a key efficiency and productivity advantage for your business. How can we accomplish this, and keep things secure? There are predominantly two ways to provide remote access: By using a Virtual Private Network (VPN) or a remote desktop access program, such as LogMeIn, TeamViewer, or GoToMyPC. Both methods have advantages and disadvantages, so we’ll contrast them and give you some pointers to help you decide which option best fits your situation.

Contact VO for computer support help now

Use a Virtual Private Network (VPN)

Padlock - symbolizing the security provided by HTTPS
A Virtual Private Network (VPN) is normally provided as a capability of your internet firewall. With the use of client software installed on your PC, Mac, or mobile device, it allows your “endpoint” to create a secure, encrypted tunnel over the internet back to the office network, on demand. The encryption part of this solution is a key concept – as your business information traverses the internet, it’s going to pass through systems controlled by other entities – routers, gateways, etc. And if that information is not securely encrypted (being sent in “clear text”), it’s possible one of these intermediaries could read that information. Encryption prevents that, as it requires the two end points to negotiate keys that are subsequently used to ensure the connection is encrypted – the information is encoded via mathematical cryptographic algorithms. This ensures the information can only be read by the appropriate receiving party, but also ensures that the message can’t be modified (or corrupted) in transit.

Is someone snooping on your internet traffic a legitimate concern? Yes, it absolutely is. The insights from the Wikileaks Vault 7 document dump provide a fascinating view into this topic. These network snooping and other tricks can be in use by anyone – nations, cyber-vandals, or cyber-criminals motivated by profit, etc.

Once the encrypted tunnel is initiated, it’s as though your remote PC is plugged in directly on the office local area network (LAN). Servers, applications, and file shares will all be accessible. The speeds will be slower, because all the traffic must go back and forth over the Internet, but otherwise it will feel as though you are in the office.

The other key aspect of VPN security is authentication. The firewall has got to only allow access to those people who are authorized for access. Therefore, you’ve got to be able to prove to the firewall who you are, in a secure fashion, that can’t be abused by an attacker. This is called authentication. To authenticate to the network, there are normally a variety of options. Pre-positioned digital certificates can be used, which allow the firewall to recognize your machine and identity, and therefore allow access, in a relatively transparent fashion. Additionally, username and password is also possible. This option can potentially be integrated with your business’ Active Directory (AD) domain or other identity solution as well. When this is done, your users can use the same network account password they use in the office. Lastly, many of these solutions also support Two Factor Authentication (2FA) or Multi-Factor Authentication (MFA). And lastly, all these methods can be combined, to provide the utmost in security.

Enterprise grade and small business firewalls, such as those from Fortinet, Cisco, and Palo Alto, normally provide this VPN feature. Sometimes there are additional licensing costs to utilize the feature, and as mentioned, it will require a VPN client to be installed and configured on the remote machine. This process is normally easy, but it is an extra step. Lastly, setting up the VPN feature of the firewall, ensuring it is configured securely, and integrating with your authentication source (such as Active Directory), will require a reasonably skilled network engineer. This isn’t the sort of solution you will likely want to setup on your own.

If your firewall doesn’t provide a VPN feature, an alternative option is open source software – OpenVPN is a widely used, secure, and freely available program. It runs on a server and allows you to use that server as the VPN gateway to which the client connects. Please note that with this method, you’ll have to enable port forwarding, so that the internal server is reachable through the firewall, from the Internet.

Popular reasons to use the VPN method:

Some downsides:

These solutions aren’t perfect, and historically there have been known bugs and issues that allowed other parties to access the network, or to snoop even on encrypted traffic. This is why it’s important to review and apply security updates (in the form of VPN Client software updates, and device firmware upgrades) regularly.

Computer laptop - virtual it support is the best option for this computer user

Use a Remote Access Program

The other popular option is a remote desktop access tool, such as LogMeIn, TeamViewer, or GoToMyPC. These solutions provide a very similar capability, but in a different way. For starters, you’ll be connecting to your running machine at work – meaning it’s got to be powered up, and connected on the network. But because of that, you’ll have all the applications, mapped drives, shortcuts, and other items easily available – you’ll have your desktop and all its familiar settings easily accessible. You’ll literally feel as though you are working on your machine in the office.

The remote access software is effectively transmitting a view of the desktop of the remote machine to your computer – and this is done in a very efficient manner – on a good internet connection, you’ll feel just like you are in the office. What’s more, you can utilize any special hardware that your machine may have – editing videos or doing graphics work is quite feasible, in many cases.

And lastly, these remote desktop access programs provide the same secure, encryption technology just like a VPN. Nothing is transmitted in clear text.

Popular reasons to use this method

Some downsides:

Business can be overwhelmed by technology - but the right support team can help ensure things run smoothly

Other Options – Cloud Storage of Files

Beyond these two methods, there are other options, that may apply in some situations. Are you really trying to simply share access to files? A cloud based file syncing solution such as OneDrive or Google Drive may be easier to use, and less of a security risk. These solutions allow you to maintain a synchronized copy of your work files on multiple computers. This option can work for multiple users as well, you can share the cloud files with other people in your company – giving them read, or read and write access. Of course, you’ll need the appropriate software installed on both machines to edit the files. Cloud services, such as Office 365, offer many other benefits, as we discuss in this article.

Get Help from the Computer Support Experts

In summary, providing remote access to your business network can be fulfilled by implementing a VPN, or using a remote desktop access program. For more limited capabilities, but with less hassle, a cloud storage based solution may help as well.

We hope this information has been helpful. Knowing what option is best for you requires understanding your goals and needs. And remember, we’re here to help. Give us a call at (407) 268-6626 today.

Contact VO for computer support help now

IT Support by Virtual Operations

Virtual Operations provides IT support for small businesses in the Orlando and Central Florida area. Our managed IT services offering provides the expertise and quality care your small business needs. Please contact us today to find out how we can help with your computer support and network support needs.

Like To Learn More? Send Us A Message or call direct 407.268.6626

Back to Blog

Sign up for free and be the first to know about updates

Subscribe to Email Updates

It appears you are viewing this site through an obsolete web browser.

This site was built to comply with modern web standards and relies on features unavailable in browsers that are out of date.

You can learn more about your browser here. And you can learn more about modern web browsers here.

To hide this notice, click here.