Skip VPN and build a Modern Workplace
Yesterday I ran a session on this subject at Workplace Ninja Virtual Edition 2021. If you missed the session, this blog post explains my different approaches.
What is a modern workplace?
My definition of a Modern Workplace looks like this:
- Work from anywhere
- Work on any device
- Work at any time
- Supports an efficient way of working
- A way of working that fits your business needs
- Secure and confident
Legacy workplace
Many companies out there have legacy workplaces with a requirement for VPN. Many of those started to upgrade, upsize and optimize the VPN when the Covid pandemic forced users to work from home. Bad investment if you ask me. Build a modern workplace instead!
Some examples of legacy workplace apps from one of my customers:
The Time Report app is a local web app using a local web server. If connected to LAN or VPN, all is fine. But we cannot use a non-connected device.
The Economy app is a client app working against files on a local file server. If connected to LAN or VPN, all is fine. But we cannot use a non-connected device, and there is only support for Windows clients.
The CRM app is a client app working against an app server, which in turn works against a database server. If connected to LAN or VPN, all is fine. But we cannot use a non-connected device, and there is only support for Windows clients.
The Order app is a client app working directly against a database on a database server. This application has major problems with latency. Even when used from the London office, the WAN link can sometimes have too much latency for the application to work correctly. On VPN it might work. And we cannot use a non-connected device, and there is only support for Windows clients.
VPN a secure and simple solution!
Is VPN really a secure and simple solution? Let's look at the typical security of a VPN. If you connect your VPN, you are virtually connected to the LAN. Many companies are happy with this, and the user can work as if they were connected to the local LAN. But if your computer is taken over remotely, the hacker can access all resources on your LAN: SSO to all services that the user has access to, and only a username and password (often Basic Authentication) in front of resources that the user does not have access to. The hacker probably also has access to cloud services as if coming from a trusted network.
Think different, skip VPN and build a modern workplace!
Top 5 solutions to build a modern workplace
1. Azure AD Application Proxy
If we take the Time Report app and publish it in Azure by using the Azure AD Application Proxy, we get a web app that is available from any device on the internet, and from any device type. And it is actually more secure than before!
The better security is gained by using Conditional Access. You can now require MFA, a compliant device, specific networks, etc. before access to the application is granted. Previously it was only username and password.
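As an added example (not from the original post or session), this is one way to create such a Conditional Access policy for the published Time Report app with the Microsoft Graph PowerShell SDK. The application ID, the break-glass group ID and the policy name are placeholders and assumptions, and the policy is created in report-only mode so its effect can be reviewed in the sign-in logs before it is enforced.

```powershell
# Added example: Conditional Access policy for the App Proxy-published Time Report app.
# Requires the Microsoft.Graph.Identity.SignIns module.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess','Policy.Read.All','Application.Read.All'

# Placeholders (assumptions): replace with values from your own tenant.
$timeReportAppId   = '00000000-0000-0000-0000-000000000000'  # appId of the published enterprise app
$breakGlassGroupId = '11111111-1111-1111-1111-111111111111'  # group holding emergency access accounts

$policy = @{
    displayName = 'Time Report - require MFA and compliant device'  # hypothetical name
    # Report-only: evaluated and logged at sign-in, but not enforced yet.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        clientAppTypes = @('all')
        # Scope the policy to the one published application only.
        applications   = @{ includeApplications = @($timeReportAppId) }
        users          = @{
            includeUsers  = @('All')
            # Keep emergency accounts out of scope to avoid tenant lockout.
            excludeGroups = @($breakGlassGroupId)
        }
    }
    grantControls = @{
        # AND = every listed control must be satisfied before access is granted.
        operator        = 'AND'
        builtInControls = @('mfa', 'compliantDevice')
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State
```

Once the report-only results look right, changing `state` to `enabled` enforces the policy.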
2. Cloud Apps
There are lots of cloud apps out there that we can use to build the Modern Workplace. We can use SharePoint/OneDrive for file storage, Azure database for databases, and lots of other services out there for other purposes.
If we take the Economy system and replace the file server with SharePoint storage for the files, we get an app that is not dependent on VPN anymore. It can run from anywhere!
3. Modern Apps
Most companies that develop applications today are eager to make them modern and productive. But not all of them. You need to contact your application vendor and ask if they have modernized their development and offer a modern app instead of that old app you are using. If not, widen your view and look for a competing solution that will fit your needs.
If we take the CRM system, which was a legacy app working against an app server and database in your local datacenter, we could replace it with Microsoft Dynamics! We get a modern app with support for many device types.
4. Power Platform
Microsoft Power Platform is really spectacular for building your own processes that were previously made with apps. Yes, it's a bit of development to get there, but quite easy. And there are templates ready to make it work on a range of devices out there. But there is a fun feature for legacy apps: robotic process automation! It can simply take the input from a PowerApp and insert it into a legacy application with UI flows.
5. Azure Virtual Desktop / Windows 365
This is one of the best additions for building a Modern Workplace. You might have a legacy app that you cannot replace or upgrade. It should be an interim solution until you can replace it with a modern app. No app can live forever!
You simply take the legacy app and install it on the AVD. The AVD is available from anywhere and on any device.
If we take the Order app and install it on the AVD instead of on different devices in different locations, we get a more stable environment for this app and can optimize the route between the app and the database.
To take it a step further, we can also move the database to an Azure database to remove the latency problem completely.
With this I hope you have some new ideas on how to modernize your legacy workplace! If you saw my presentation and want the ppt deck, here is the link!