Technology Practice Tips Podcasts

Practical law practice technology concepts in an accessible, conversational manner with Phil Brown and David Whelan

Remote Access and Virtual Private Networks

 Permanent link   All Posts
A secure way of staying in touch with your law practice - even working on things in your office while you're out of it - is remote access.  Whether it is a virtual desktop or virtual private networking, we discuss some of the tools you can use to stay in touch securely while you are away from the office.
View Transcript
Speaker Key:   PB: Phil Brown, DW: David Whelan

 

PB:  Hi, it's Phil Brown and I'm here with David Whelan. Today we are going to talk about remote access.

DW:  Remote access is pretty clear. What you want to do is connect to a server or a computer that is back in your office or in your home, but you want to do it remotely. So when you are at court, or when you are on the go, you want to be able to get access to it whenever you want to. In some ways we are already doing that with tools like the Cloud, where I can synchronize a file up to Dropbox or something like that and I can remotely access it through the web or by downloading it to my device, but that is not really what we mean by remote access.

PB:  One of the things we are going to be concerned about with remote access is security and how to keep that information safe between your device and your computer at home.

DW:  That's right because it is using the same internet as the Cloud, but it is a direct connection to the device that you are trying to connect to. Remote access means that you are going to somehow dial in or plug into the computer that you are going to be using. There are really two ways to do that. One of the ways is VPN, which is virtual private networking, and a second way is to use something called RDP, remote desktop protocol, or VNC, virtual network computing.

PB:  Let's talk a bit about the differences and what they mean. VPN, for instance, the virtual private network, is really just a pipeline - a private pipeline, within the public network.

DW:  That's right. It secures everything that is transmitted through that pipe, and that means that everything that you do on your device, both at the end where you start and the end where you come out of that virtual private pipe - that virtual private network - is encrypted. Some people may know that if you use a VPN to connect to another country you can connect to resources that are in that country because it makes it look like you are coming from wherever that country is. But in your case, you would be using it for your office, so you would be connecting to a virtual private network client sitting on your computer in your office, or onto virtual private network hardware that is in your office.

PB:  I guess the first question would be: Does that mean that I can go back to using public Wi-Fi in Starbucks?

DW:  I think yes, as long as the VPN is turned on before you start to transmit any information. Everything after you have connected to the Starbucks Wi-Fi - after you have agreed to whatever your terms of service are - just flip to your VPN to make sure everything is encrypted past that. The traffic is encrypted even though you are on a public WiFi. No one should be able to see what is going on inside that VPN.

PB:   One of the (disadvantages) of using VPNs and RDPs tends to be a loss in speed sometimes.

DW:  Absolutely. If you think about it, it is like having one of those really big straws for your Slurpee and then going down to, like, a coffee stirrer and still trying to slurp the Slurpee through the coffee stirrer. It is not quite that bad, but you will definitely notice that it is slower. So you will not necessarily want to use a VPN all the time for your encrypted traffic, and that may take you over to something like RDP or VNC. The difference really is that although both of them or all of these use encrypted communications, where VPN is a pipe and you are just transmitting across the encrypted pipe, RDP and VNC connect you up to a remote computer and you use that computer as if you were sitting in front of it. So I would not necessarily be using anything on my tablet if I was on RDP. What I would see is my Windows screen and I would move my mouse as if I was sitting in front of that Windows computer, and I would do things on that computer as if I was sitting there. So really it is just the activity that I am doing on that computer that is encrypted. Nothing that is going on in my laptop or my tablet is encrypted through that connection.

PB:  Right, and neither of these concepts is particularly new. They have been around for years. pcAnywhere, GoToMyPC - some of those are the more common ones that people have been using for access. There are other companies as well that do this same sort of thing as the ones I mentioned, and there is also some mention of things like personal cloud these days.

DW:  Yes, and personal cloud is really similar to VNC. What you have is a server listening for connections. In the case of VNC, or even RDP, you would set up your computer inside your office so that it would be listening for people connecting and then you would use a client. In the case of the personal cloud it is usually a specific app, but in the case of VNC or RDP, you would use a specific app that uses that technology to connect up, and then the system that is listening would accept the connection once you gave the user name and password. You would then be into whatever the system is.

PB:  Right. So you could use your computer in the office even though you are not sitting in front of it. And you could also limit access to certain files if you wanted; maybe there were ten files that you thought were not secure enough to view from outside the office.

DW:  Right. The personal cloud ones are nice because it gives you the option to not use the cloud like Dropbox, but still have access to files, folders, and other information. And again, it is different from VNC or RDP where you actually see the computer you are in front of. Personal cloud tends to be giving you file-level access to whatever those resources are.

PB:  And we talked a bit about this in another podcast when we were talking about clean computers and clean devices. There is nothing on your device other than the ability to log on with a VPN.  You are not actually storing anything on the device you are using to access your home or office computer.

DW:  Right. I use VNC within my home. I think it is really good for an internal process. Frankly, I use it because I am lazy. When one of my kids has a problem on their computer, I will VNC down to it and fix it remotely without getting off the sofa. So, you know, maybe not the best example of how to use it, but that's the way it is. I think the thing to keep in mind if you are going to a VPN or any sort of remote access technology for your law practice, is that you should probably use hardware, rather than software alternatives. Otherwise you have to open up your network connection to the internet so that it allows the listening to happen with that server that is inside your office. And if you do not know how to secure, or cannot keep up to date on the security for that network connection, then you may actually be opening up your remote access to other people accessing it.

PB:  An example of one of those software issues was Windows XP, which had a very simple setup for VPN, so the user could easily do it themselves with the software. But of course, Microsoft has stopped supporting XP, so there are a number of security vulnerabilities for people who might still be using it.

DW:  Right, and you can get VPN built into your router and built into other systems. So when you are buying hardware for your office or you home if you want to have VPN connectivity, you can get it built into that hardware. And then when the hardware is updated with new software called firmware, then security vulnerabilities that have been found will be patched and you can be pretty confident that the security is still there.

PB:   Right, and there are a number of apps out there. I mentioned Tonido, something I am not sure if it is just for Macs, but it is one of the ones I use to access my computer when I do not have it with me. I was also using something earlier this year called Cloak 2, which is an app for the iPhone - I can turn a Starbucks network in to a trusted network for me, and turn it into a VPN, so every time I want to access that network, Cloak 2 says, "Oh, look - we've used this one before and I'm going to create the VPN for you now." And you can connect seamlessly through a VPN just using the app on your phone or iPad.

DW:  Yes. If you are on Windows or Linux, TightVNC is a great option, and then you can use any open source VNC client to connect to it. If you are primarily a Windows environment look for the RDP apps, which are put out by Microsoft. They are free, and I believe both IOS and Android have those. You would be amazed at how nice your Windows computer will look using RDP on an Android tablet. It really is just like being there, although on a slightly smaller screen.

PB:  So again, a safer way to use public WiFi and a good way to wander around with a clean computer.

DW:  That's right.

PB:  Okay. That's our look at remote access and VPNs and RDPs. Thanks very much, David.

DW:  Thanks, Phil.