Working the kinks out of home offices

For would-be teleworkers, advances in networking, voice services and software make it possible to duplicate high-tech offices at home. One catch — on top of the policy and management issues — is the cost.

As the ranks of teleworkers grow, the challenge is to develop an equipment provision and management plan that recognizes and meets the needs of different jobs. With so many options, the task of outfitting the telecommuting workforce must be done carefully.

One of the first decisions is who will provide the computers. Asking workers to supply their own computers might seem desirable from a cost perspective, but it's not that simple.

"It tends to be a false economy because what you save in equipment costs you pay in support costs when you wind up with a wide variety of platforms, operating systems and software versions to support," said Gil Gordon, a telecommuting and virtual office consultant in Monmouth Junction, N.J.

Employee-owned equipment presents two other potential problems. First, there are limits to what the employer can say about who uses the computer and how. And second, if the computer needs repairs, it may be unclear how the problem occurred and whose responsibility it is to pay for it.

Wendell Joice, governmentwide telework team leader at the General Services Administration, said there is no governmentwide policy on who supplies telecommuters' computers.

At the U.S. Patent and Trademark Office, for example, a telecommuting pilot program called Work@Home has two levels of support. The agency supplies a computer and full technical support to telecommuters in the first level of the program in an attempt to replicate the high-end desktop performance and full suite of software applications at the agency's office.

This approach "holds down our support costs better because we have control over the operating system and the software baseline," said Wesley Gewehr, deputy chief information officer for systems modernization at USPTO.

Telecommuters in the second level of the program must provide their own computers, but they have access only to the USPTO intranet and e-mail system. And their assistance from the USPTO help desk is limited to issues such as setting up the network connection and the e-mail client software, Gewehr said.

Department of Health and Human Services policy calls for telecommuters to provide their own computers. But, according to Karen Billingslea, a human resources consultant at HHS, some operating divisions offer surplus equipment to telecommuters. Regardless of who supplies the computer, HHS provides the necessary software and requires that it be used only for job-related purposes.

Supplying teleworkers with computers at home and at the office could cause costs to skyrocket. In response, USPTO is one of several agencies that "hotels" office equipment, meaning that multiple teleworking employees share one office workstation.

Once the hardware and software issues are resolved, agency officials need to decide how telecommuters will connect to the Internet and to the agency's network to access e-mail and other office applications. The first step is choosing the right connectivity option.

Keep in mind that a single telecommuting program may have to support multiple access methods to accommodate different work locations and job tasks, said Kneko Burney, director of e-business infrastructure and services at Cahners In-Stat Group. For example, telecommuters who also travel as part of their jobs must have reliable remote-access methods at home and on the road.

The most popular choice is using a modem that connects a computer to a telephone line, but even the best modem is slower than other broadband network options. Although a dial-up line has the enormous advantage of being available throughout the United States, on the downside, it requires users to dial up every time they want to go online, which can be inconvenient and reduce productivity.

Of the broadband options, the two most popular are Digital Subscriber Line and cable modem. DSL works over existing phone lines by splitting the line into a voice part and a data part. Although DSL is generally available in major urban areas, to get the service in a suburban or rural location, a house must be less than three miles from the nearest telephone company switch.

Major telephone companies offer DSL, as do many other vendors. A General Services Administration contract lists 10 smaller vendors that offer DSL services.

Cable modem service comes from cable TV providers via the coaxial cable that goes into many — but by no means all — homes across the country. Nonetheless, broadband cable service is currently installed in slightly more homes than DSL, said Maribel Dolinov, senior analyst for telecommunications with Forrester Research Inc.

One performance caveat with cable modems is that users on the same local node — for example, a residential neighborhood — share the cable bandwidth. That means performance can suffer as more users go online, Dolinov said, and transfering large files can be slow.

In areas where cable and DSL are available — such as the Washington, D.C., area — the choice can hinge on more than straight performance or cost.

USPTO has settled on DSL for its telecommuters' broadband connection for a variety of reasons. "With the cable modems, there seemed to be issues splitting the billing from the Internet use with the cable television use," said Wes Clark, manager of the network engineering division at USPTO. "The satellite [service] gives us problems with latency time in getting the packets up from the PC to the satellite and back down again. Some of our systems can't live with that latency."

Home Security

The choice of a remote access method ties directly into one of the most important telecommuting issues — system and data security. Before the Internet, the most common route for remote workers to access the local-area network was through a remote access server (RAS). Essentially, an agency sets up a bank of modems in a computer room, employees dial in, enter a valid network name and password, then gain access to the internal network, data and software applications.

The agency must also dedicate a handful of telephone lines (sometimes with toll-free numbers) that employees use to dial in. The RAS approach can be very secure, especially with a powerful user authentication system.

For example, users in the second level of USPTO's telecommuting program dial into the office e-mail system and intranet through a RAS. In addition to a network sign-on and password, each employee is issued a secure ID card, which has a mini-processor that generates a code number, or token, which the user enters into the system during the log-on process. The token is recognized by the USPTO server in the office, and the user is authenticated and granted access.

There are several downsides to a RAS. For one, the same telephone line that provides flexibility also limits performance — at best to the 56 kilobits/sec of a modem. Also, the dedicated telephone lines required for a RAS can be expensive to maintain.

"The RAS market is the most mature remote access market, but it's also the one with the least amount of growth," said Jason Smolek, research analyst for enterprise networks with IDC.

The faster growing market — and the wave of the future for remote access, according to Forrester's Dolinov — is the IP-based virtual private network (IP VPN). An IP VPN sets up an encrypted tunnel between two computers on a network — often the Internet. In addition to authenticating users, the VPN also protects data during transmission.

Unlike those dialing up through a direct telephone line, DSL or cable modem users must rely on the Internet to connect back to the office. Most cable providers bundle Internet access into their package, while many DSL providers partner with dedicated Internet service providers.

USPTO uses an IP VPN from Nortel Networks Ltd. to secure the DSL broadband connection that its level one telecommuters use. Most IP VPNs use standard IP security protocols, which are highly secure, according to IDC's Smolek.

Agencies can obtain VPN functionality from various sources. Turnkey appliances, which include hardware and software, come from numerous vendors and range in price and size to support a few users up to thousands, according to Smolek. There are also software-only VPNs that can be loaded on an agency's existing servers. And there is a fast growing market for managed VPNs.

Finally, another area of concern for agency managers is the security of the telecommuter's computer, especially when it is connected to a broadband service. Unlike a dial-up telephone line, DSL and cable modem broadband service is always on, leaving the connection more vulnerable to hackers.

The least expensive solution is a personal firewall. Vendors include well-known companies such as McAfee.com Corp. and Symantec Corp., as well as InfoExpress, Network ICE Corp., Sygate Technologies Inc. and Zone Labs Inc. Some personal firewall software is available for free on the Internet, but most commercial packages run about $40 to $60.

The next level of desktop protection is to install a small office/home office (SOHO) router at the telecommuter's home, creating a subnetwork that can be more effectively walled off from the outside world. Like many other products and services, these SOHO routers are based on traditional enterprise technology, but they have been adapted to the cost and operating environments of home offices.

Dan Caterinicchia contributed to this report.