This summer, the UK is hosting what’s billed as the world’s biggest and most connected Olympic and Paralympic Games yet. London 2012 will last for six weeks, with organisers predicting crowds of up to 500,000 people each day. An estimated 20 million spectator journeys are anticipated in London during the Games, with three million taking place on the busiest day of Friday 3 August.
With businesses operating in and around Central London and the Olympic sites likely to experience considerable difficulties with access, transportation and mobile telecommunications, the Games’ organisers are advising people to work from home or take leave on these dates.
By now, organisations in London and other Olympic locations should be in the advanced stages of developing and testing their plans for mitigating the potential impacts on their business. Many are likely to be including an element of flexible and home working, but while most will already have a remote access solution in place, the key question is whether these solutions can maintain the necessary level of performance and security when challenged by an event on the scale of London 2012.
In addition to the massive surge in human traffic, communications networks will almost certainly be affected, with the capacity and availability of internet bandwidth and mobile networks coming under pressure. This will impact negatively on the performance of any remote access solution relying on broadband or mobile data connectivity in and around London.
For example, there might not be the necessary amount of bandwidth available to establish a VPN connection at times of peak traffic. In research commissioned by BT following the Vancouver Winter Olympics in 2010, one in four of the businesses surveyed suffered network capacity issues during the event; while 30 per cent said that with hindsight they should have increased flexible working facilities for their staff.
Aside from potential issues with network capacity, firms must also consider the compliance and security implications of providing remote access to a greater number of employees, especially those not used to working with the technology and who might inadvertently pose a risk. In the basic type of remote working set-up for example, where a VPN solution is employed, the corporate network needs protection from the threat of users connecting from a remote computer infected with a virus or worm.
Likewise, some forms of virtual desktop solution create an additional layer of complexity in terms of support and management, because they require that the PC located in the office be switched on and that a permanent connection with the remote device be maintained for the duration of the session.
Being fleet of foot
Given the limitations of conventional VPN and virtual desktop solutions, the most flexible means of remote working is to have key applications available via the web. Here, the employee working remotely logs-on securely to a web portal and runs the applications locally from their device. This is the least bandwidth-intensive option, has a lower hardware requirement and the lowest overhead in terms of support and management.
This approach also allows firms to open up the corporate IT environment to a greater range of end user device types, including laptops, tablets and smart phones. In addition, security is enhanced, because applications and data reside within the confines of the corporate firewall and access is secured via password and some form of two-factor authentication.
Installing an infrastructure to support this capability does require more server capacity and application development, as well as additional licensing, but businesses should not be put off by this upfront investment because cost savings are realised over the longer term in the form of a lower support and management overhead. With such a wide array of remote access options available firms must have a comprehensive understanding of their solution design requirement.
All too often, assumptions dictate design, resulting in a solution that doesn’t really meet the organisations requirements, or which can fall short of the final hurdle. The fact that not all roles can be adequately performed off-site is often overlooked, so it is important to consider how many users would be able to work remotely if they had access to their applications and data. Once this is established, the next step is to identify the specific applications and data they need. Only then can an informed decision be taken concerning the best way to deliver applications and data remotely.
Ensuring the right fit
With the initial solution design in place and technology procured, a remote working implementation is ready to move to high-level design and proof of concept (PoC). This ensures the system specified meets the business requirement and that there are no obvious issues with the chosen technology.
Essentially, the aim of the PoC is to de-risk the project from start to finish and ensure that on completion, the firm arrives at a solution that meets its requirements, at the right price and within the required timeframe. While such an approach may sound like common sense, it’s surprising how many businesses fail to prepare in this way.
Another major factor, often overlooked at the design phase, is that communication service providers offer only loose guarantees around bandwidth availability and quality of service (QoS). Business-grade connections do come with service level agreements (SLAs) on availability, but not always a guarantee on bandwidth, unless a more expensive service is specified. And even when a low bandwidth contention ratio is promised (e.g. 5:1 or better), the words ‘most of the time’ will typically be found within the SLA.
However, cost is often the overriding factor in service provider selection so unless SLAs are penalty based and stringently enforced, it’s best for firms to have a backup. This could mean having a mobile data contract, or implementing a means of prioritising bandwidth allocation for users based on job function. The latter can have a number of advantages. Limiting bandwidth on internet connectivity out of head office for example, or for certain types of user, means more bandwidth can be made available to others – especially those working remotely.
It is also worth assessing whether there is a way of increasing resilience by delivering remote working applications across multiple points – e.g. out of the publicly-hosted cloud environment, as well as out of the data centre, although there are security issues to consider with this approach. It is also possible to allow remote users to run applications locally using a combination of streaming and encrypted USB. However, the latter is not suitable for collaborative applications or those powered by a large database.
Balancing cost and risk
There are several additional factors to consider with remote access solutions. The most important is whether the firm has a flexible working policy to encourage home working, as this can result in greater productivity because employees can start work earlier and often finish later without the commute. Naturally, flexible working assumes a certain level of trust, but firms can establish a KPI platform backed by a measurement and reward scheme to ensure both parties realise the benefits. Software can also be implemented to monitor a remote worker’s application usage.
Ultimately, the success of a remote working solution comes down to the design requirement when assessed against cost and risk – i.e. what is the potential impact on the business if a particular number of users cannot access the corporate computing environment during an exceptional event, against the cost of the remote access solution being implemented. For example, if the business calculates that the disruption caused by the Games would mean a 20 per cent reduction in productivity at a cost of £1 million, but a remote access solution would cost £2 million to deliver, then perhaps a more pragmatic solution is needed.
By fully understanding the design requirement, assessing it against what’s available in the market and in-house skills, capabilities and current IT estate, it is possible to find the optimum balance between cost and risk. At a more granular level, with the risk factor quantified, the cost of service delivery can be tiered in respect of business priority – i.e. which services and applications need to be provided to which users to ensure the company can maintain an acceptable level of service. It’s then a case of matching the technology options to each tier of business priority to work out the overall cost to the business.