Setting up a VPN (virtual private network) is the new age equivalent of choosing your company’s physical security systems. Think security staff, parking areas, photo-ID swipe cards, reception areas, locks on filing cabinets and doors to your premises. Going about the VPN decision the wrong way can have detrimental consequences for your business, and perhaps your career.
Obviously something spurs the decision to get a VPN. It may be that executives or staff need remote access to files or applications, a connection with other branches or even partner companies, or perhaps it was simply a mandate from the higher ups and it’s just your job to make it happen. VPNs are great and can certainly add value if procured, setup and managed correctly.
Here are some of the most common mistakes made by managers surrounding the assessment, implementation and management of a VPN solution:
The “we’ve got a guy” syndrome
Well, of course you do. Everyone does. In fact, there are over 70,000 independent technicians in Canada today, and that doesn’t include your colleague’s brother’s next-door-neighbour’s kid who just graduated from Waterloo and is a total genius with computers either.
Although a VPN is a technical solution that requires hands-on technical expertise, the process of policy selection and management is strictly business. A compliment of management discussing their business concerns and goals with a technical business professional (hint, this is often a different individual than the technician who configures, installs and manages the VPN) is essential. Your business goals must be analyzed along side of the specific technical requirements in order for the right solution to be implemented (e.g. maybe a Fortinet device is best for your network because you have multiple IPs and a reconfiguration would be too costly, or perhaps a CheckPoint solution because you have a tight budget but demand rich feature sets).
Making a rushed decision
I can’t recall the last time a CFO screamed in horror “We need our annual financial statements today!” and had absolutely no idea it was coming. We’ve been using the 12 month calendar for a long time, and it is crystal clear when these are due. Technology isn’t too different, although it is much easier to not be able to see the forest through the trees. Planning is an essential component of all decision making.
Treating the buying process like a consumable parts purchase
VPNs really aren’t a simple side by side comparison of the top three vendors, presented by three different VARs/integrators/consultants. Evaluate your VPN decision across the following categories: the manufacturer, the implementation, and the ongoing management and support. Most people would recognize some of the leading business-class VPN manufacturers like Cisco, Nortel, CheckPoint, Juniper (formerly Netscreen), and Fortinet. However, many would not recognize the myriad Canadian technology service firms acting as the channel, who actually sell, delivery, implement, configure, manage and support these solutions. Perform your due diligence.
Adhering to company policies
VPNs should translate the company policies into technical rules. Nothing less than a successful mirroring of these policies is sufficient when implementing a VPN solution.
Rob Duxter is the CEO and president of Network Integrators of Canada Inc. , a Toronto-based outsourced technology services provider (TSP) focused on the small and medium-sized business market (5 to 250 seats). Contact: www.niCanada.com