Most of the recent focus around disaster recovery and business continuity has been on ensuring that host systems are resilient to all types of business disruptions. Equal attention, however, should also be given to ensuring that employees can securely access those systems remotely. Without access to key enterprise applications, many employees simply cannot do their jobs productively.

Keeping employees productive during a disaster starts with an understanding that different types of business-continuity events impact employees' ability to do their jobs in different ways. Some events, like an electrical or HVAC issue with an office building, affect a specific location for a relatively short period of time, so businesses can simply relocate office workers to a temporary facility nearby. Other events, like hurricanes, floods, fires, earthquakes and winter storms, tend to impact a larger geographical area for a longer period of time, so the ability to relocate to a temporary facility may not be feasible.

In an extreme case, a pandemic or biological/nuclear terrorist attack would prevent employees from going to any type of workplace for months or longer. Any of these business-continuity events that impact a wide geographic area will require employees to access business systems and applications remotely in order to continue doing their jobs effectively.

The main benefit of an SSL VPN is that the SSL appliance can control access to the specific applications that particular type of user is allowed to use.

The majority of office workers can perform their jobs remotely if they are given the appropriate technology and training to do so. Some already have this technology and training, and are used to working remotely. These are typically sales reps and executives, who have company-provided laptops with an Internet protocol security (IPsec) remote access virtual private network (VPN) client.

In most companies, however, fewer than 25 percent of employees have such technology. Giving every employee a laptop and IPsec clients can be expensive, difficult to install and support. Plus, installing an IPsec client on employees' home PCs is not normally a viable solution, since it is not a "trusted" device, and it may not even be the device they would use in the event of a disaster.

One technology for providing remote access to employees is a secure socket layer (SSL) VPN, since it does not require a software client. Employees go to a Web site using a standard Web browser on any PC, type in their corporate authentication credentials (i.e., no need to remember a different user name and password), and the browser establishes an encrypted session with the SSL appliance.

It does this by proxying the company's employee directory (Active Directory, LDAP or RADIUS), so it is always current. This way, employees can access the network from any PC, Mac or Linux machine, or hand-held device.

The main benefit of an SSL VPN is that the SSL appliance can control access to the specific applications that particular type of user is allowed to use. This list of applications can vary based on whether the employee is using a company-provided laptop versus some other "untrusted" device. For increased protection, the SSL appliance can also check to make sure users' PCs have firewalls and up-to-date antivirus software before establishing the encrypted session.

Scaling an SSL platform to support all employees with the appropriate access-control policies is not a simple task. It requires special expertise and sufficient hardware and user licenses. Plus, monitoring the SSL platform 24/7 to ensure it is always available, and quickly resolving any issues that may arise when a disaster occurs, takes considerable resources.

Greg Davis is vice president of product marketing at MegaPath, Costa Mesa, Calif., where he oversees product development, pricing and marketing. He has more than 15 years of experience in wireless, Internet and telecom. He holds an MBA from Duke University and a B.S. from Georgetown University.

For more information (click here)