Let’s face it. VPN technology is complicated, and VPN is a pain. A pain exacerbated by the clichéd increasing pressure to work remotely. A recent Gartner survey of enterprise CFOs and leaders indicates that 74% of companies intend to shift some employees to remote work permanently.
Google, for example, announced plans to change the way employees work. There is a company-wide email from Sundar Pichai indicating that the company will not only push back reopenings to September 2021, but pilot a “flexible work-week” when in-person work resumes. Staff would be expected to work in the office for at least three days of “collaboration,” but could spend any other days at home.
According to academic research, one of the factors that cause employee disengagement is when you have to keep climbing over or around barriers to get what you need to do your job.
Now let's count the steps a remote worker takes to set up VPNs on mobile devices. First, find a "AnyConnect VPN client". Second, click on it. Third, wait for it to connect and find a file server in the corporate network; Fourth, map a drive letter or use another app. And last, calling support when it breaks. The hassles go on and on. Does the above describe exactly "keep climbing over or around barriers"?
Are you paying for a Cisco or Palo Alto firewall with a VPN client like AnyConnect? Switching to a web-based drive mapping solution can turn those costs into profits or savings. The fantastic thing is that a web-based solution is also easier to use, faster, and more secure. You are saving money on software licensing costs, and you are also saving money from reduced VPN ticket troubleshooting working hours and making money from enhanced employee productivity.
A web-based solution doesn't mean it is limited to a web browser interface. It means leveraging HTTPS/SSL web-based protocols to have a remotely mapped drive letter on your laptop, have mobile applications on your iOS and Android phones, and have a web-based file manager in modern web browsers for remote file server access.
Service provider reduces firewall and VPN costs by 80% . We recently spoke with one of our MSP partners. They had a large law firm as a client. The firm was using a Cisco Firewall and the AnyConnect VPN client to allow remote workers to access files. After switching 115 users to CentreStack, costs were reduced by more than 80%. More importantly, it was a much simpler experience for remote workers, which eliminated VPN-related tickets.
Does this sound too good to be true?
Are you interested in seeing how a web-based approach unifies drive-mapping, mobile applications, and web browsers?
Are you wondering how we can offer more security than a VPN? Or what if you need the VPN or even RDP to run applications? Keep reading, and we’ll address each of these issues.
Employees can map a drive letter to corporate file servers without using a VPN
The Web-based approach is much easier to unify mobile devices and web browsers and traditional drive mapping solutions into one offering. As a comparison, IPSec-based VPN solution is not on the same level as web applications.
The web-based approach is as secure and at the same time not as picky as an IPSec based solution. It is much easier to keep working on files without worrying about broken VPNs.
IPSec-based VPN solutions open the whole network to remote devices. Web-based drive mapping can lock it down to minimum required ports and protocols for a much smaller attack surface.
Here are a few examples of the security benefits that come from using a web-based mapped drive solution to replace or augment a VPN
You’ll still get a lot of benefit from the web-based drive mapping solution in tandem with the VPN. For example, remote workers often need to login to the VPN connection even when they just want access to a file. These users will no longer consume a VPN connection and will use a lot less bandwidth. Instead, they’ll have an always-on mapped drive that automatically caches their working set locally.
Mapping a drive over HTTPS provides several advantages for on-premise file sharing. But the common theme is to combine the best of both worlds. We want all the security and control of a traditional file server to be combined with the usability and collaboration features of cloud-based services like Dropbox and OneDrive.
Gladinet solutions achieve this by creating its own secure tunnel over SSL to provide access to file servers and then present the files on the endpoint in a mapped drive that users are familiar with. During the mapped drive operation, the user will notice additional options in the right-click menu that offer productivity boosters like the ability to request files, share files, enable offline access, generate public links, and manage revisions to protect the data, and more. In other words, it's a novel approach to unify cloud and on-premises storage systems without losing any of their respective benefits by using a familiar mapped drive as the focal point for users to access, share, and otherwise manage files in the cloud or on remote file servers from any location.
Caching on-demand access requests to a mapped drive based on file system drivers provides some very significant performance benefits. Most notably, users will usually find themselves retrieving data from the locally cached copy during regular operation. And when a cache miss requires that data be transferred, only the differences will be transmitted, and those transfers will also go through a series of sophisticated compression algorithms. The bottom line is that the users feel like they're still connected to the high-speed LAN in the office even when they're working remotely or from home. It may not be easy for the average user to understand why it's essential that their mapped drives are based on a modern protocol optimized to work over HTTPS instead of sharing files over a VPN-enabled wide-area-network (WAN). And they may not understand that the file-sharing protocols (CIFS/SMB) designed to work on a high-speed, low-latency high-reliability local area network (LAN) won't work as well when forced across the WAN by their VPN. But once they feel the ease of use and performance of a mapped drive over HTTPS, they won't care why it works. They'll want you to make sure that it keeps working.
When remote workers use VPN, they must consciously remember whether they are "connected" or "disconnected." To make matters worse, network glitches and laptop lid-closing events can turn the VPN into a "disconnected" state, even when remote workers recognize that the VPN state was "connected."
Forcing end-users to remember a VPN state is like asking restaurant customers to set the tables themselves and put the plates on the table when food comes out. A much easy solution is to have an always-on drive letter that manages the online or offline state automatically. Remote workers shall focus on the file contents, without the hassle of "connecting AnyConnect VPN client."
Dropbox and OneDrive popularized the idea that you can find your files at your fingertips whether you are on your laptop, mobile phone, or with a web browser. The files are always following you on your closest device.
With a VPN solution, the remote workers are required to jump through several hoops, such as find a VPN client or app on the device, connect it, and then disconnect it after usage. Does it sound right to you? If you jump through hoops, the files are at your fingertips finally ??
You need a solution that works like an OneDrive, but connect your remote workers to corporate file servers instead.
Mapping a drive over HTTPS significantly reduces your attack surface. When a client device connects to your network with a VPN, it has much more access to your network. This can prove problematic for an unmanaged device (typical for home users) that may not have the correct versions of antivirus software or other security countermeasures in place. In contrast, drive mapping over HTTPS only provides access to the file shares that each remote user needs without giving them access to the entire network. This makes it much more difficult to mount an attack. And in addition to the fundamental reduction in attack surface, there are additional security features like ransomware detection and mitigation, encryption, secure data rooms, multi-factor authentication, auditing, and reporting that provide a robust arsenal of countermeasures to prevent intrusions or other unauthorized uses.
As mentioned earlier, secure file sharing with a VPN only works while connected. Remote workers need the option to right-click on any folder to 'Enable Offline Access.' That folder's contents will then be copied to the local cache so you can work on it while disconnected from the network. The software will automatically synchronize the offline folder back to your file server whenever connectivity is restored, but you can continue to work uninterrupted when the connection is lost. In this way, remote work can continue without any dependence on your Internet connection's reliability or speed.