Local Tech Expert Explains Today’s Unprecedented IT Challenges
Hawai‘i’s huge increase in people working from home has created IT challenges for local businesses.
Derek Gabriel is the cofounder & CEO of Ignite Solutions Group, a cloud technology service provider, and he has been busy the past few weeks helping local businesses deal with these IT challenges. But he found time to talk with Hawaii Business Magazine’s Anthony Bagnoli about problems and solutions.
This interview was edited for clarity and conciseness.
Q: What’s the new landscape now that so many people are working from home?
One challenge is that our home broadband networks were designed for consuming content. That’s why whenever you purchase broadband, it’s always like “X” download speed with only one-10th of that speed for uploads.
Typically, consumers watch something like Netflix that requires heavy downloads. Now people working from home are content producers. You’re doing conference calling and sharing video and all of that sometimes consumes more bandwidth than available.
The other challenge is that, much like the way the airlines overbook, internet providers oversubscribe. Everyone does it differently but ultimately, they put a certain amount of bandwidth into a specific node, which might be an apartment complex or a neighborhood of homes. And that bandwidth might be 75% of what’s needed if everyone used all of the internet available at the same time, because that kind of use rarely happens.
But we’re seeing an unprecedented black swan event where everybody is at home using the internet all the time. Our infrastructure was never built for that.
The other challenge is we’re not home alone. I might have a conference call with a client, but another member of my household might want to watch HBO online at the same time. The family needs to make agreements: “Hey, between 9 and 10 I’ve got an important video call. Can you read a book, because I’m going to need the internet?”
You can also disconnect devices that consume Wi-Fi that you’re not using.
Unfortunately, I don’t have the luxury of asking my neighbors to do the same things. So ultimately, we’re at the mercy of the system.
Q: I shouldn’t have my cell phone running on my Wi-Fi?
That’s right. If you got unlimited bandwidth anyway from your cellphone carrier, leave it off your Wi-Fi. And if you got an Xbox, spare computer or Roku – there are a lot of devices that will download updates or cache content offline when they’re idle. Leave them off if you’re not using them, so they’re not consuming bandwidth.
Q: Is too little bandwidth the reason there is often one person whose picture and audio are ragged during a video conference?
It could be that or maybe they’re using an underpowered device. We’ve (Ignite Solutions Group) spent the last couple of weeks deploying laptops and new computers for our customers because their employees didn’t have adequate equipment. One firm’s management thought beforehand: “We’re going to be OK. Our employees have home computers they can use.” But many folks have like a 10-year-old home computer. So the firm had to purchase new laptops for employees because otherwise they couldn’t do their work. It takes a lot of computing power to process video encoding.
If the issue is a shortage of bandwidth, turn off your video and do an audio-only call. Audio takes a fraction of the bandwidth of video.
As a last resort, pick up the phone if you have a dial-in option for a conference call. A lot of the voice services are dedicated resources on the mobile phone networks. They consider a voice call a higher priority than a data call, so you’ll find that as things degrade, the data degrades first. Then the voice degrades second. The last thing that will degrade on an overloaded cellular network is the text messaging, because text messages take very, very little data. After we had that earthquake in Hawai‘i, often only text messages got through.
Q: What else should businesses consider?
Communicate with your staff and let them know your top priorities. I think that’s one of the biggest challenges we’re going to see with folks working remotely. It’s easy to be goal-oriented and project based in the office. When we’re not in the office environment, there’s a lot of disconnect, and so it’s important for companies and management teams to communicate what they expect. That way an employee can say: “I don’t have all of the resources I need in my home office to accomplish this in that timeline.” So, they can sort of negotiate. We’re all in the canoe together and we’re all trying to paddle the same direction.
Q: Another issue is VPN access. What is VPN?
VPN is technically a legacy technology. It stands for virtual private network. A VPN creates an encrypted tunnel between a device and another network elsewhere, typically the corporate network or corporate data center. You need a VPN if you have a legacy line of business applications that doesn’t speak Internet protocols, or doesn’t have modern authentication or modern encryption technology. You’ve got to use VPN software to get your endpoint computer connected to the corporate resources.
Unfortunately, we’re suffering the consequences because people didn’t act in the past. Let’s look at the state unemployment office. When unemployment was at a record low, that’s when they should have invested in infrastructure and stress tested their system. Unfortunately, they didn’t and now we’ve got thousands of people applying for unemployment and the system crashed.
Whenever someone says, “We have to add servers to the system,” that means they’re using software that requires physical infrastructure – it’s not cloud-based or not taking advantage of all the clouds and modern technologies.
If there is a legacy infrastructure that requires a VPN, maybe one or two key folks were set up to remotely access that in an emergency or once in a great while. What happened this month is that suddenly offices were shut down and people working from home. Companies suddenly needed remote access for people who had never needed that before. All of a sudden you got all this extra traffic onto the corporate network from all these VPN clients.
Q: I received a laptop from my work, but it doesn’t need VPN access to work remotely.
You have a modern office that has already gone through a digital transformation. Your company uses cloud-based applications like NetSuite and Microsoft Office. Those applications are what we refer to as internet aware. They use modern protocols that you can operate through a web browser. They are inherently secure from end to end. That means you can use all of the tools you need to do your job without a VPN.
Q: But our design team is using VPN.
Yes, people like graphic artists work with super large files. It takes too long to transmit that data across the internet. They may be using a VPN product or remote access software to gain remote access to a computer that is still in the office. They use the resources of that computer in the office as if they were sitting there but do it from a remote location.
Q: Are teleconferencing apps secure?
I’m pretty confident that most of the big corporate teleconferencing apps like Microsoft Teams are secure. Microsoft publishes its products’ security information in the Microsoft Trust Center. Zoom has also dedicated a lot of resources to security and Skype is also very transparent about its security.
The only thing I would be concerned about are some consumer-oriented apps that you find at an app store. I recently was invited to use an app called House Party and I took time to read the terms of service before I signed up. I was looking to see if there was anything about the company monitoring or collecting data, or owning the content. They were really clear in their terms of service that the end user owned their content and that House Party wasn’t selling any data to a third party. Now it’s easy for anyone to write whatever they want, so you have to ask yourself what level of risk you want to take. I wouldn’t do a company call or invite a client on House Party, but I would use it with a friend.
Q: Ignite Solutions Group is a cloud technology service provider. What services are businesses asking for during this COVID-19 crisis?
There’s a broad spectrum. Some customers that we’ve had for years have already done their digital transformations. They are fully cloud-based companies. They’re just asking for some tips and tricks. Optimization suggestions, training for their staff who hadn’t yet taken full advantage of some available products.
On the other side of the spectrum are the customers who say, “We have two servers in this closet and no remote access.” In the course of a week we’ve done things like help them acquire new laptops, help them configure and start using Office 360, transfer their email and documents from on-premise servers to the cloud. We’re seeing a hugely accelerated shift from legacy technologies to cloud-based technologies.
Q: Is there anyone still defending the use of servers in the closet?
No, everyone realizes that’s a problem. A lot of companies that had kicked the can down the road are all now regretting those decisions and are moving as fast as they can to make those transitions. We are seeing what typically a company would have done in, say, three to six months compressed into three to six days. It’s really intense.
Q: Are you working all the time?
Yes, 3 a.m. to 9 p.m., sometimes taking a nap in the afternoon if I can.
Q: Are there things teleworkers should be aware of when using home devices versus company-issued equipment?
It’s difficult to control your security exposure on an employee-owned device because you don’t know what they have. It is completely plausible that an employee’s home computer that’s 10 years old might already have malware. Suddenly employees are processing company data on devices that are potentially compromised.
There’s a huge risk so companies are implementing what we call a BYOD or bring your own device scenario. The company typically tries to take some responsibility for that device with endpoint management software, maybe something that scans for malware, something that protects the software that runs and encrypts the company data while leaving the device alone. It creates an encrypted section of the hard drive for the company data so that when the employee accesses those company resources, they’re not actually saving information onto their personal computer. Then once the employee disconnects, those resources are also disconnected.
There’s really not a whole lot of difference between using their personal computer and using a company owned computer IF the business has modern resources. They don’t need the VPN or anything like that. They just need a web browser that speaks the proper security protocols.
Q: If I open my personal Mac computer, not my company-issued Surface laptop, I can log onto Microsoft Office in my browser, put in my password and I’m into my business emails. Am I just as secure as if I had worked on my Surface?
Yes, for all intents and purposes, you are as secure on your personal computer in a web browser using that product as if you were using your company owned device.
Q: When does it become not secure?
It is not secure if you download a company document from a OneDrive library or a Dropbox account and save it on your computer. At that point, the data has been exfiltrated. That data has left the company’s control and is on your personal computer. The company has essentially no control over what’s going to happen to that downloaded data.
You’ll find that most companies that have very sensitive data – like law firms, banks, a medical office – have policies and products in place that would prevent you as an employee from technically downloading a document. You might be able to edit documents in a web browser because they have control of that browser session. That browser environment is secure, but you’re not going to be able to download that data.
Some systems won’t even let you copy that data to the clipboard, because that’s one way you can get around the security. There are even mobile device management applications that allow you to use your mobile phone to access company resources yet block you from taking a screenshot. That data is so sensitive the company cannot allow you to copy or photograph it.
Q: Are there upsides to this COVID-19 IT stress test?
One silver lining might be with companies that have legacy procedures, legacy equipment or legacy workflows. Folks involved in those processes may not even know why they do things those ways. That’s just the way it’s always been done. Now they’re forced into rethinking those policies. Maybe they can streamline operations they would never have questioned under normal circumstances and take advantage of new digital technologies.