Opinion: It's time to level up the network for the hybrid workforce
"Enterprises are deploying a mix of technologies for secure remote access, including VPN, ZTNA, SD-WAN and SASE – on average respondents are using 2.3 different solutions, but..."
The new workplace is everywhere, but IT departments are struggling to provide the same experience to users working from home or on the road that their office-bound colleagues enjoy, writes Prakash Mana, CEO, Cloudbrink.
That might not be a big deal if we were having this conversation in 2019, when a minority of the white-collar workforce worked occasionally from home or on the road. But despite a handful of well publicized back to work edicts from big companies, hybrid working is here to stay.
According to Enterprise Management Associates (EMA) research commissioned by Cloudbrink, 42% of the workforce works out of the office for at least two days a week – a figure expected to reach 49% by 2025 – and 94% of companies have permanently increased the numbers of staff working remotely since 2020.
Yet the EMA survey of 354 IT professionals found multiple challenges for enterprises in adapting their networks to the needs of the hybrid workforce. We’re talking about facilities office workers take for granted: fast response times and file transfers, high-quality audio and video, stable and reliable network connections.
The impact of a substandard IT experience shouldn’t be underestimated. It can lead to frustration and low morale.
It also affects productivity. During the pandemic a major media company found that software developers working remotely were only able to manage one or two code check-ins each day, compared to four or five by teams able to work in the office. The issue threatened the deadline for delivering a new product and was serious enough that the company even considered turning off security on the remote developers’ connections.
The company – a global 500 enterprise – ran tests using its existing SD-WAN, VPN and ZTNA solutions but found none of them able to address the remote developer use case. They were secure but not fast enough.
Hybrid working network solutions are failing
Trade-offs between security and performance are common and the EMA research suggests that IT departments have come to accept them as inevitable.
Shamus McGillicuddy, research director, EMA, says: “The research suggests that most people in IT still believe they must choose between a secure solution and a productive one. 46% admitted they prioritize security over performance while only 34% try to optimize both.
"This is no surprise when you look at who’s calling the shots: the security team tends to lead hybrid work deployments because security remains the number one priority for the enterprise. The problem is compounded by poor collaboration between network and security between teams, but the bigger problem is that organizations struggle to find technology that can deliver a solution that balances security and productivity.”
Tackling a world designed for offices and DCs
The fundamental problem faced by all networking vendors is that their products were designed for a world of data centers and office-based workers. An estimated $37 billion has been invested in centralized architecture. If you were designing networks for the shape of the new world, they would look very different with the networking and security stacks at the edge of the network, where the users are.
Hybrid work raises a number of operational issues, including:
- The number of users working remotely has multiplied but the size of networking teams has barely increased, if at all
- IT no longer always controls how users are connecting to enterprise networks creating multiple security and performance issues
- Hardware rollouts designed to overcome connectivity problems at remote locations increase short term costs and add to the long-term support burden – 72% of organizations taking part in the EMA survey have tried deploying hardware to the homes of remote users
- It takes longer to resolve technical problems for remote users – 51% report increased lead times to repair as a result of new working patterns
While the number of headaches for the IT department have increased, it’s the users who feel most of the pain.
Enterprises are deploying a mix of technologies for secure remote access, including VPN, ZTNA, SD-WAN and SASE – on average respondents are using 2.3 different solutions. Though they all have their pros and cons, the absence of a clear winner tells its own story. For example, the most common solution, used by 61% is VPN but far fewer respondents (46%) regard VPN as the best solution.
Throwing VPN bandwidth at the problem ignores the fact that many performance issues occur in the last mile – the final connection between the user’s device and the network infrastructure. The most common issues are caused by poor home wi-fi set-ups and low-quality consumer-grade broadband connections. IT departments have poor visibility of these access and connectivity issues and little ability to influence and control them.
Networks have historically been designed to protect the core network at the expense of the edge. It’s analogous to building road systems that ensure the smooth running of motorway traffic by allowing traffic to build up on the on-ramps and rural roads.
Packet loss is a major cause of performance issues and helps explain why consumer broadband almost never delivers advertised throughput.
According to research by the US Department of Energy, as little as 0.5% packet loss can reduce effective bandwidth by 95%, slowing file transfers and degrading audio and video applications. While packet loss can’t be eliminated it can be mitigated with pre-emptive and accelerated packet recovery techniques.
Another major factor in performance is the distance between remote users and the applications they need to access. 83% of organizations have extended the cloud edge, moving applications closer to remote users to reduce latency and improve experience.
Getting the benefit of proximity to the applications depends on the availability of ultra-low latency points of presence (PoPs). For example, Cloudbrink currently deploys more than 600 of these PoPs, known as FAST Edges, enabling <5ms latency. Unlike physical PoPs, FAST Edges can be deployed instantly through partnerships with cloud providers and telcos with virtually no upper limit on numbers.
Secure remote access options – pros and cons
- Forty-two percent of IT organizations are using a secure access service edge (SASE) solution for remote access. SASE combines multiple connectivity and cloud-based security technologies. The technology can be complex to implement, and the cloud-based security components can add latency to a remote connection.
- Forty-two percent of organizations use secure direct access to a public cloud. This connectivity option is not applicable to assets hosted in a private data center, and it’s also siloed to an individual cloud provider. Multi-cloud enterprises will find this option adds too much complexity. It also does nothing for user experience.
- Zero trust network access (ZTNA), which 34% of organizations use, offers effective, granular access policies and controls, but the technology also relies on cloud-based gateways that can introduce latency. ZTNA also lacks the ability to optimise user experience.
- More than 20% use SD-WAN solutions for remote connectivity. These solutions offer security and performance, but they’re designed for connecting branch offices. They usually rely on hardware at the user’s location, which can be expensive and difficult to manage at scale.
The EMA report identified four priorities driving CIO’s hybrid workplace strategies: employee productivity (45%), security (42%), employee satisfaction (39%) and operational overhead (33%).
It noted that while many current solutions can address the security requirements, many fall short of the requirements for performance and user experience.
IT departments made heroic efforts to adapt their networks for hybrid working during the pandemic.
The task ahead is to ensure parity of experience for staff regardless of their location – or risk creating an underclass of hybrid workers with low job satisfaction and suboptimal productivity.
Prakash Mana is the CEO and founder of Cloudbrink, which provides high-performance secure application access as a service. He held previous leadership roles at Pulse Secure and Citrix.