As the work from home trend grows, many businesses require secure remote access to corporate apps and services for their distributed employees. But which remote access solution is best for your business?
As an IT consulting company, we're in a good place to provide you with a completely unbiased look at the different remote access options which are available.
It's relatively easy to get access to cloud services like Microsoft Office 365, G-Suite, Salesforce and other popular software-as-as-service applications that most businesses use today.
Employees can simply type in the URL from almost anywhere, and with the right credentials they can easily log in and access their favorite applications and services.
Note: Speaking of log in credentials, make sure you protect your online, cloud-based applications with Multi Factor Authentication to reduce the risk of your passwords being stolen.
Hackers love to use stolen passwords to gain access to your entire organization!
However, there are other business applications which are not so easy to access remotely, including on-premises apps and services that might be specific to your business.
Why Businesses With A Distributed Workforce Need A Remote Access Strategy
Many remote employees still need to securely connect to line of business apps such as finance, legal, healthcare, accounting systems and other content and services that are not in a public cloud.
As the number of employees who work remotely from home continues to grow, the need for cost effective access from a home-based internet connection is something almost every company needs.
And nothing is more frustrating to a remote employee than not being able to access data and applications that they need to get their work done, which in turn will have a significant drain on company productivity.
Of course, the actual user experience is key when it comes to remote access from home or elsewhere - if it's too complicated or is not reliable, that brings on it's own set of frustrations.
But there are so many secure remote access options out there that it can be confusing as to which one is right for your business. If you do a quick google search, you'll find out that it’s pretty easy to become lost in a sea of marketing from all the different software vendors.
We'll begin with a brief definition of the three most well known remote access technologies, followed by the key differences between them including the pro's and con's, to help you get up to speed on your options.
What is a VPN?
A Virtual Private Network (VPN) is a technology that allows user devices to securely connect to a corporate network from remote locations with an Internet connection.
This technology is usually restricted to laptops (PC or Mac) and provides access to network resources such as shared folders and printers remotely, via a secured connection.
Users will need to install an application or have a connection setup on their device, so this will require assistance from the IT team or your IT service provider.
You can take a look at some of the most recommended VPN services for 2021 here, but be sure to speak to an IT expert who understands your exact business needs before making a decision.
What is VDI?
Virtual Desktop Infrastructure (VDI) provides remote access to a virtual desktop to a centralized server, which means all users get access to the exact same applications, as provided by an administrator.
With VDI, each user will have their own dedicated Windows-based system which can be configured to their liking, unlike RDS (see below.)
In this scenario, there are separate virtual machines being hosted on a single (or multiple) server with dedicated resources for each machine, which can improve both security and performance.
There are tons of VDI solutions on the market, feel free to do your own research but again, be sure to reach out to an IT professional before you invest.
What is RDS?
Remote Desktop Services (RDS) is the latest evolution of Microsoft’s remote access solution, which was formally referred to as terminal services or a terminal server.
It works by allowing users to log in from almost any device via the Internet to a centralized server, presenting the same virtual desktop to all users.
The server resources are split among all the users who are actively logged into the server. RDS generally works best with PCs, but it can work from a Mac.
Again, you can read more information here on how to run Microsoft Remote Desktop on a Mac, but always check with your IT expert to make sure this is really what you want to do.
What are the key differences between VPN vs VDI vs RDS?
1. Virtual Private Network (VPN)
When using a VPN, the application on the client device (e.g. PC or Mac) establishes a secure connection and creates a tunnel between the device and the corporate network.
The end user’s device then behaves as if it was in the office. All applications and services offered can send data securely over the encrypted tunnel.
The processing is done on the client machine (the user's PC or Mac), unlike RDS and VDI.
2. Virtual Desktop Infrastructure (VDI)
When using VDI, all users have their own dedicated station that they can customize, although the administrator can define policies to decide what can be modified and what is uniform between the different virtual systems.
Users will get a more familiar Microsoft Windows 10 (or other) environment to connect to.
As the resources are defined and completely dedicated to each machine, this means that each machine works independently of the others, which may be important to highly regulated or secured environments.
2. Remote Desktop Services (RDS)
When using RDS, all users log into the same server interface.
Although some settings can be customized, overall everyone will have the exact same user experience. This means that the resources will be shared between all users logged into the system.
Users will not experience the traditional Windows 10 or 7 interface that they may be used to - instead, they'll be presented with a Windows server flavor of the desktop.
You can read more about Desktop as a Service options here if you want to get more information.
Pros and Cons of Remote Access Software
There are pros and cons to each of these setups, but here are the main things to consider when making your choice:
A VPN is generally the lowest cost solution. Minimal hardware is required and users can usually keep their existing devices.
A VDI system is usually the most expensive, as there is an extra layer of software required to host a VDI system, most commonly Citrix or VMware.
RDS may fall somewhere in the middle, depending on various factors.
Using a VDI setup requires many different virtual machines to support the user base, so it can be more challenging to run patches and updates.
An RDS setup generally has fewer machines to patch and maintain.
VPN setups can leverage existing hardware, however maintaining off-site resources can be difficult as they need to connect to be visible.
The user experience is generally quicker on a VDI solution than RDS because the resources are compartmentalized and adjustable to each user. This provides a faster experience when using the system.
A VDI solution would typically be recommended for AutoCAD or similar graphic-dependent software, which requires more processing power.
VPN connections rely on client hardware and connection speed, thus sending large amounts of data can be slow because of the encryption required.
4. User Hardware
Because all the processing is being done on the server side, the end-user hardware is not as important with VDI or RDS.
VDI solutions provide access clients for Mac and Windows, and in some cases iPhone and Android devices.
Windows RDS has clients for Windows and Mac, however using a Windows-based PC will generally give the most consistent user experience.
For VPNs, user hardware is more important as the processing is done on these devices.
VDI and RDS can be configured to restrict data from leaving the corporate network.
VPN connections protect the data in transit, however data can still be moved to any device the employee wants, so extra steps should be taken to protect against having data scattered around remotely.
Final Thoughts on VPN vs VDI vs RDS
Every business has different requirements that will need to be taken into consideration.
As an example, for a small number of users with limited needs, VPN or RDS is simpler and more cost effective.
But for a larger workforce with mobile needs or graphic processing needs, a VDI solution might be better suited to deliver the user performance required.
If you’re considering any of these solutions, make sure that you do an upfront analysis of your business needs first with a qualified technology consultant - not the vendor of one of the software solutions!
An experienced resource will be able to guide you through the entire process, and assist you with choosing the right solution, the deployment, any necessary user training, and ongoing maintenance as required.
If you'd like to learn more about secure remote working, take a look at our online guide to remote work security, including practical steps to take action against today's cyber criminals!