Perimeter Security & Remote Working

by Mark Gillespie 17. February 2009 10:45

Remote working is an essential part of work life for businesses all over the world. The ability to allow employees access to their email and work-related files from anywhere with an Internet connection can significantly increase productivity. With the recent increase in Wi-Fi hotspots and mobile broadband speeds, a remote worker no longer has to be someone confined to working from their home. They could be a travelling salesman sat in their car updating a sales opportunity after a meeting with a client, or a director of a business catching up with their emails from an Internet cafe in an airport while they wait for their flight.

Allowing remote access to a corporate network brings with it huge risks regarding perimeter security; however, if managed correctly, these risks can be hugely reduced. During the last month I have been working on a client’s site introducing new security measures to ensure that the risks associated with their remote workers do not outweigh the advantages that they bring.

With the introduction of a Remote Authentication Dial In User Service (RADIUS) Server accompanied by an Internet Authentication Server (IAS), a solution was provided giving all remote workers strong two-factor authentication when connecting to their corporate network. The key requirements were to secure access to the Virtual Private Network (VPN), Outlook Web Access (OWA) and the corporate intranet. The solution used One Time Passwords (OTPs), which were generated using tokens associated with each user, in addition to the user’s regular user name and password. Although two separate authentication methods were being used, the Single Sign On (SSO) technology used meant that the remote worker only had to provide their logon credentials once.


Network Security

SQL Server Security Auditing

by Steve Laye 17. February 2009 07:39

A huge amount of time is consumed with reverse engineering database topologies and figuring out where connections are being made to and from, security accounts and credentials, DTS package sources and destinations, SQL Server Agent jobs, etc. Normally, when a company experiences strong organic growth, the documentation and management of database systems is the least concern at that particular time. The pain point starts when you need to un-pick an individual database or database server and unravel the relationships, both tightly and loosely coupled, and often internal and external to the company. The cost of getting this process wrong or missing out a key configuration consideration depends on the importance of the databases to the company’s operations; often a little downtime or a few glitches may be tolerable, but not if you're trading millions of USD or GBP each hour.

I’m currently working on the backbone trading systems for a large UK hedge fund and it’s surprising to see just how involved it is to unravel the core business applications and the flow of data between these systems. Turning on SQL Server Profiler for 24 hours just won’t cut it if you’re looking to remove users on your new database server that may have left the company 36 months ago.

The amount of effort and time required is often incomprehensible to management and decision makers (basically most non-technical), and the job of producing awareness of the risks, fighting for time to be allocated to the project and securing the necessary skilled resources will land on the lap of the consultant. If you are an external contractor or consultant then you have to wear many hats to satisfy your commercial guys while being the incumbent resource on-site.


Databases | Database Support | Auditing

About the Author

Symtex is a consultancy and development company serving many Fortune 100 multi-national clients and smaller SME businesses, providing consultancy and database development, software development and business intelligence solutions.
