The Virtual Private Network (VPN) is Dying. Here's Why.

A lot has changed since I left college and entered the workforce.  My first “real” job began July 5, 1983 at the company formerly known as Northern Telecom.  My first desk telephone was an analog 2500 set.  I did most of my work on a green CRT (Cathode Ray Tube) screen logged into a PDP-11 via a 9600 baud modem.  There were no cell phones, e-readers, Google, or Microsoft Word.  Heck, in 1983 there was barely a Microsoft.

I don’t want to sound too much like an old geezer reminiscing on a park bench, but I can’t help but marvel at how different things are today.  However, as much as the technology has changed, so has the way I do my job.  My job used to be a place I went to.  If my car broke down, I didn’t work.   If the roads were too icy to drive on, I didn’t work.  If I had to stay home for a repair person, I didn’t work.  I suppose I could have sat down with a pad of paper and wrote PLM code (my first professional programming language) by hand, but that wasn’t very practical.

These days, work is something I do and not a place I go.  I work at home.  I work from airports and hotel rooms.  I’ve worked at my kid’s baseball games and swim meets.  Remember when we used to take sick days?  Now, I just prop myself up in bed and call it my office.  No matter where I am, I have immediate access to email, instant messages, video, and enterprise telephony.  The presence jellybean on my Microsoft Lync client might tell you that I am available, but it doesn’t let on that I am working in a coffee shop in downtown Minneapolis.

Of course, the only thing constant about change is change itself.  It’s true that I have moved from being an office worker to an everywhere worker, but aspects of that are quite different from what they were just a short time ago.

The biggest change for me has to do with three words – Virtual Private Network.  A Virtual Private Network (VPN) is technology that creates a tunnel between a remote device and a corporation’s network.  When I start the VPN on my PC, it’s as if I am sitting in the office connected to the Ethernet jack underneath my desk.   I see no difference in the way my applications run or act upon corporate data.

I clearly remember the days when I would go home, start my PC, fire up my VPN, and start working on the day’s unfinished tasks.  Now, I go home, tuck my PC bag under my desk, pull my iPhone out of my pocket, and get back to emails, IMs, and telephone calls without the use of a VPN.  Yes, there are still times when I need a PC for its screen and keyboard, but even then I rarely start up my VPN.

So, what changed?  How do I gain access to the tools I need without having to connect to the corporate network?

chess king fallen

The King is Dead

A VPN connection secures a device – all of the device.  It creates an encrypted data tunnel between my PC and the VPN concentrator at my company’s headquarters.  In essence, a VPN allows my PC to act as if it is hanging off a very long Ethernet cable.  The upside is that to my PC’s applications, office and home look alike.  The downside is that not only does Microsoft Office have full access to my corporate LAN, so does everything else on my PC.  Any virus or ill-behaved application that sneaks onto my PC has that same unfettered access.

Since this is my work-issued PC, the security threat is the same at home as it is in the office.  However, the same cannot be said about my iPhone.  It’s not a corporate device and my company has no control over what I put on it.  Or how about my personal PC?  I can create a VPN connection on it back to my office and subject my company to anything my kids might have downloaded.

So, what’s a teleworker to do?

The answer is really quite simple.  Instead of securing the device, let’s secure the application and the connection it has back to the corporate network.  In terms of SIP that comes down to three more words – Session Border Controller.   An SBC creates a secure network edge that only accepts and passes SIP signaling and RTP media.  I configure One-X Mobile on my iPhone to point to my company’s Avaya SBC for Enterprise and voila – remote enterprise telephony without having to start a VPN on the iPhone.  It doesn’t matter what else I might have on my mobile device.  The SBC makes sure that only the SIP traffic gets in and out.

This is very similar to how we secure web applications.  The next time you use Outlook Web Access (OWA), make note of the fact that your web browser is using secure HTTP (HTTPS).  Similar to the SIP messages to and from my iPhone, the browser’s stream of data has been secured and not the device the browser is running on.

The benefits of securing the application instead of the device are significant.  My IT department can provide me access to the company’s SIP communications system without having to worry about anything malicious sneaking into the corporate network.  I can load up my iPhone with as many games as I want and not a one of them will get past the SBC.

This holds true for other devices, as well.  An SBC can secure the SIP traffic from an Android phone, iPad, Surface RT, PC, Mac, or any other device that supports SIP communications.  This allows an enterprise to fully embrace Bring Your Own Device (BYOD) while safely managing security risks.

Will there still be uses for VPNs?  Yes, but like modems, VPNs are falling out of favor.  Enterprises are far more security savvy than they were a few short years ago.  Securing applications makes more sense than trying to secure an entire device.  This is especially true since many IT departments have lost control over what their users put on those devices.  They may not be able to control the device or the user, but with tools such as SBCs, they can control the data they allow in and out of their networks.

* * *

This article originally appeared on Andrew Prokop’s unified communications blog, SIP Adventures, and is reprinted with permission.

Related Articles:

Younified Communications—it Really is All About YOU!

One of my favorite things about working for Avaya is that we’re marketing the same collaboration tools we use to do our jobs. Best of all, we have access to beta versions of our solutions, providing R&D teams with first-hand unedited feedback. Yep, we are drinking our own champagne!

Based on my interactions with customers across the world, I know that many of you work just like we do. Meeting after meeting, virtual, mobile and in-person. It’s not just about the quantity of meetings we all participate in, but the quality of our experience to drive productivity and engagement. As you know, there are many different types of meetings. Let me give you a few examples just from my last week:

  • A group text chat with a few colleagues—getting a quick answer in a sidebar or multi-tasking activity
  • A one-on-one video meeting to review a spreadsheet with one of my staff members
  • A team meeting over desktop or mobile video where we collaborated about an upcoming quarterly plan—many IMs were going on behind the scenes that aligned with meeting topic discussions
  • Remote participation in a customer executive briefing, where the customer’s team was using a video room system in HD
  • A global all-employee meeting broadcast to every person in the company—that’s thousands of people across the world
  • A sales webinar to several hundred participants where we shared a presentation and responded to questions via integrated chat
  • A detailed technical training session on a product with full application sharing for a demonstration of the new user interface
  • Last but not least, a quick impromptu meeting on the phone with one of my team members

Historically, these different meeting types were hosted on multiple different systems or services. This required users to learn different interfaces, which required different logins, passwords, technical requirements, and delayed starts. At times, major compromises resulted based on the meeting scale required, bringing everyone’s level down to the lowest common denominator. The result? The least engaging experience for the audience, and therefore the lowest amount of attention and engagement, and consequently sub-optimal productivity.

Sound familiar? Do you have one solution for IM, another for telephony, perhaps a web conferencing service, a separate audio conferencing solution, another solution for room video conferencing and yet something else for large scale events? All of which fit under the term “unified” communications, but how much of it provides YOU with an engaging and collaborative experience?

A Single, Truly Unified Solution

While the vision of Unified Communications was to merge methods and tools and simplify access, vendors today struggle to fully consolidate all of the communication application infrastructure and cloud-based services into a single platform—at least until now. The Avaya Equinox™ Experience, announced at GITEX in October, is our new platform for business communications, and fulfills the long-sought promise of UC. It is finally all about YOU! One of the key capabilities of Avaya Equinox is that it supports all the different modes of meetings, conferencing and collaboration in one platform. That’s right—one tool that really does it all. There is robust mobility so it works wherever you have a network connection, high scale audio conferencing, extensive web collaboration, multi-media messaging, rich multi-vendor HD video, even event streaming to 100,000 users—and that’s just for starters.

As you would expect, there are many benefits of one platform covering all UC use cases and requirements versus separate platforms or services for messaging, telephony, audio, web, video, and event conferencing. For users, one login and one easy-to-learn solution. For IT, one solution to support with one set of statistics, single provisioning, and a smaller footprint with higher efficiency and lower costs.

I like to call Avaya Equinox the “uber” all calling-conferencing-collaboration solution, where Avaya puts the YOU in unified. But check out Avaya Equinox for yourself at this First Look video.

How many different communication and conferencing applications do you use? Tell me about your experiences—send a note to innovations@avaya.com.

The Value of Enterprise Mobility—Spread the Love

In a recent blog, I mentioned my sister-in-law’s frustration at not being able to use her smart phone for work purposes and how many businesses are struggling with the mindset change required for real digital transformation. That’s not to say that there aren’t valid business concerns about bring-your-own-device (BYOD) and mobility generally. Failure to secure mobile telephony and collaboration can open enterprises to significant risks.

A good example of those concerns came up at a recent conference while talking to an Avaya customer about BYOD. The customer’s perspective was that companies should just let their employees use personal mobile devices, with no need for an enterprise-grade software client to tie the device to the company network, databases, apps or governance. (Enterprise grade in this context means having call logs, directories, presence capabilities and access to enterprise collaboration tools like video and web conferencing, no matter where or how you work, or on what.) The approach of not having such a software client would fulfill employees’ desire to use their own phones, as well as the familiar tools and apps on them, without the need for the comprehensive security required by an integrated BYOD strategy.

We explained that just an hour earlier another Avaya customer had approached with a concerning story:

The customer’s company allowed its salespeople to use their personal cell phones without connecting directly to the company network. The problem: when one sales person recently left the company, all of the intellectual property of the company (contacts, pipeline information) went with them. Our customer wanted to know how to solve for this.

Avaya enterprise-grade solutions for mobile devices directly address the concerns that customers and others often express: a significant amount of flexibility for employees, security and privacy for everyone involved, and a measure of control over processes, policies, and data. Avaya mobility solutions are open, so they are adaptable to different devices and platforms. They capture important information that can lead to faster, more informed decisions and, ultimately, better outcomes. In short, they enable companies to operate at the speed of their customers.

The point is consumers and employees today are increasingly mobile. Gartner predicts that 80% of key business processes will include exchange of real-time information involving mobile workers. Not being able to use employee-owned devices slows business down. So the business case for mobility solutions—the flexibility they offer customers and employees, the improved outcomes, and the support of intelligent business response and decision-making—points toward value that outweighs the risks. Enterprise-grade mobile communications solutions have reached a level of both maturity and sophistication that they can now meet the needs of all stakeholders in the employer/employee/consumer equation. Everyone can share the love.

How is your organization addressing mobility? I’d love to hear from you.

Also, be sure to check us out at GITEX Technology Week 2016 where we will showcase our latest innovations designed to enable companies to meet customer and employee expectations with true multi-touch communication capabilities.

 

In the Digital Economy, the Human Touch Still Matters

According to Gartner, by year-end 2018, a customer digital assistant will recognize individuals by face and voice across channels and partners. Gartner predicts that the last mile for multichannel and exceptional customer experiences will mimic human conversations, with both listening and speaking, a sense of history, in-the-moment context, and the ability to respond, add to, and continue with a thought or purpose at multiple occasions and places over time.

The digital era has made it possible for many customer service functions to be automated, alluding to a possible future where customer service representatives could be replaced by robots. However, the human touch still has incredible value to the service experience. Customer service representatives (CSRs) have the deepest insight into customer likes and dislikes and are most likely the closest to the ground when it comes to customer sentiments—a variable that cannot be measured by robots. This is where companies need to move service reps from mere dispensing of services to customer engagement.

Today, communications must be centered on improving human connections, delighting customers, and energizing employees. This context-aware communication and collaboration is known as engagement—the active connection between team members and customers to the information, experts, and decision-makers they need to complete the task at hand. As the pace of business accelerates in the digital economy, employees need to have critical information at their fingertips at all times—making engagement experience more crucial than ever.

The true value of engagement is only realized when meaningful, communications-empowered connections among individuals, teams, contacts, and customers are formed. Supporting participation across time and space on any device, engagement will lead to better business outcomes; more productivity, loyalty, enthusiasm, customer satisfaction, and customer advocacy.

It’s no secret that loyal, returning customers have a higher customer lifetime value (CLV) than new ones. They spend more money and are more likely to recommend businesses to their friends and across social media. According to a SumAll survey, businesses with 40% repeat customers generated nearly 50% more revenue than similar businesses with only 10% percent repeat customers. And every time customers return, they become more valuable to the business.

Engaging Customers in the Digital Era

To drive engagement, businesses need simple, human-centric communication and collaboration built deep into business processes. Tight business application/process integration ensures customer data is always updated and CSRs have the latest knowledge about their customers—allowing businesses to provide more personalized customer service standards.

To truly empower the CSRs of the future, companies can, and need to, integrate all of their customer channels—web site, mobile apps, call centers, brick and mortar locations—to create a seamless experience, regardless of how the customer moves through the system. Whether the customers are on your web site, app, or service line, customers today expect brands to instantly recognize who they are, what they purchased, and where else they have engaged with the brand. An integrated service approach will not only eliminate time wasted gathering data you already have, it will also allow the rep to immediately focus on the customer’s needs, which directly impacts customer experience.

With Gartner predicting that 90% of companies will compete almost entirely on the basis of customer experience in 2016, there is no room for siloed business practices and protocols that get in the way of good customer service.

In a digital economy, human interactions will continue to play a crucial role in customer retention. CSRs need to be aided with the right tools and intelligence to deliver even more superior customer service that doesn’t just solve customer issues but also anticipates company needs to surge ahead of the competition.