In a previous article, we looked at what it’s like being the administrator in charge of the IT team for a company in this season of upheaval resulting from the coronavirus situation. What’s it like, however, working in other areas on the front lines of IT during this crisis? In particular, what’s it like being an IT consultant when businesses that are your clients are under terrific stress and have urgent needs that need attending to, such as enabling their workers to rapidly transition to working from home? To find out I talked with Andrew S. Baker, the founder of BrainWave Consulting, a cybersecurity and IT operations consultancy for small and midsized businesses, who helped guide his clients as they transitioned employees to remote work.
MITCH: Thanks, Andrew for agreeing to let me interview you about what it’s like being an IT consultant on the front lines of helping companies deploy secure remote work solutions in this COVID-19 crisis we’re all currently experiencing.
ANDREW: You’re very welcome, Mitch. Thanks for giving me this opportunity to share my experiences. I hope they will be helpful to others.
MITCH: Describe for us your business and work as a consultant in the IT area.
ANDREW: Will do. I run a small consultancy that focuses on small and midsized organizations in all sorts of industries, including medical, internet, entertainment, legal, telecommunications, churches, and other not-for-profits. My background started out in technology infrastructure management, and over the years, I was privileged to add cloud migration, disaster recovery planning, and cybersecurity and compliance. Because of the breadth of my corporate and consulting experience, I can provide a broad range of services for my clients. Not only do I help organizations with break/fix of servers and network devices, but for some clients, I provide remote management of network infrastructure, or perform remote patch management, or help them with compliance initiatives.
MITCH: What’s your work been like during this COVID-19 crisis? Has it picked up or tapered off?
ANDREW: This pandemic has been something else! Business has shifted in many ways, and even though we are still in the early stages of change, I think there will be some things that never go back to the old normal. I’ve had some regular business taper off, and other business ramp-up. I think it’s a little too early to tell how it will finally shake out, though.
This pandemic has been something else! Business has shifted in many ways, and even though we are still in the early stages of change, I think there will be some things that never go back to the old normal.
MITCH: Has the kind of consulting work you’ve been doing changed as a result of the crisis?
ANDREW: Definitely. Much of the planning and strategic work has been put on hold — everyone has been focused on very tactical operations, whether that is moving to the cloud, or expanding on-premises remote access capabilities. I’ve been doing quite a bit of VPN and multifactor authentication work at the firewall or in the cloud. The compliance work has slowed down for the present, but once things stabilize a bit, I expect that to swing back to the forefront somewhat.
MITCH: How have you been handling things personally in terms of stress and how you live?
ANDREW: That’s a really good question. One of the awesome things about consulting for me is that my client’s stress is not my stress. It’s not that I don’t care about their needs, but that I have learned that if I or my team will be of any use to the client, we have to be level headed and pragmatic and calm. My family and I have the pleasure of living a bit remotely ourselves. We’re an hour away from any major cities, and the pace of the small communities that are near us is very low key. So, while we are not immune from all the coronavirus activity, its impact on us and our day-to-day has been less painful that I’ve heard of friends and colleagues in more populous regions of the country.
We have sufficient acreage around us to get our daily walks and exercise and plenty of fresh air without running into anyone else. It’s a serious blessing that we are even more thankful for right now.
Some of the activities we were planning for the year have been postponed or canceled, but it all happened early enough to avoid being a surprise or major inconvenience. As a result, my family and I are keeping an eye on what is happening across the country, but our own stress is relatively low.
When the news first broke in the early part of March, there was a flurry of activity from multiple clients as they scrambled to set their remote work strategies in motion, and there was a little stress associated with that, but even this has settled down a little bit.
MITCH: Tell us about one of the clients you’ve recently been working with helping them set up remote access so their workforce can work from home. Lay it out as a case study for us.
ANDREW: One of my clients, let’s call them Contoso Ltd., found themselves in a position where they needed to have their staff across multiple cities all working from home within a couple of weeks. Typically, only about 10 percent of Contoso employees made regular use of remote access, and they were doing it via on-premises resources. For both compliance and operational security reasons, they also needed to ensure that multifactor authentication was part of the equation.
The client and I decided to stay with the on-premises solution, and we quickly worked to expand the licenses, get some VPN software deployed on new laptops, provision the perimeter VPN solution, and distribute the new laptops to employees who had previously only had PCs at the office.
BrainWave Consulting took on the responsibility of configuring and managing the remote portion of the solution, and also shared the burden of tech support for new users experiencing problems with remote connectivity.
Thankfully, supporting multiple people across multiple offices is easier if those offices are also across multiple time zones, as it spreads the calls out a bit. Like probably everyone else, during this time, we ran into some issues with scaling up users, but have gotten everything under control at this point.
MITCH: What on-premises remote access solution are they currently using? Some combination of RDS?
ANDREW: They had been using Remote Desktop Services for a long time, but in 2019 they had begun to move towards an SSL VPN solution based on Fortinet’s firewalls. This approach was easier for them to scale up the way they needed, and required less back-end infrastructure. It was part of the reason why we’re able to more quickly ramp up support for the larger user population that had not previously been using remote access. So, we expanded their recent deployment of the Fortinet SSL VPN solution across all of their offices.
MITCH: Which VPN products or services do you generally recommend for your clients?
ANDREW: I happen to be a personal fan of Fortinet’s firewall products, and where customers have no coherent firewall strategy, I’m always willing to recommend them. Depending on the size of the client, a firewall-based VPN can be quite effective, both from a cost and complexity standpoint. For larger clients, especially those with multiple offices or networks, I recommend cloud-based VPNs such as MetaNetworks VPN.
MITCH: Tell us about another client you’ve been working with to help them ramp up for moving their workplace to working remotely instead of at the office.
ANDREW: I had another client I’ll call Fabrikam Inc. that also needed to have their employees work remotely. Fabrikam doesn’t have a distributed office issue, as most people work out of one office, and they have more people that work remotely regularly. They are also heavier cloud users already, so much of the employee activity was already supported away from the office. Fabrikam’s challenge was that they had certain software development resources that they had not yet moved to the cloud, and they needed to ensure access from the cloud if they could not easily get into the office for a while.
So, the solution here was for me to bridge their cloud and on-premises networks together more seamlessly, allowing them to leverage their resources just as fluidly from on-premises to the cloud, as in the reverse. For this project, the work fell primarily on me to set up and test the configuration, and ensure its viability, before turning it back over to Fabrikam.
I did review their normal remote access connectivity, and we did speak about possibly increasing bandwidth to support even greater concurrency of remote users, but for now, they are in a good place with capacity and performance.
MITCH: What kind of solution did you end up recommending to better bridge their cloud and on-premises networks? What software and/or cloud services does your solution involve?
ANDREW: We established a site-to-site VPN between their office and their public cloud network. And we set up DNS between the two environments, which were not previously using the same DNS namespace. All of these were possible without incurring any new costs. We were able to leverage existing technology licenses and entitlements that the client already possessed. Due to their existing cloud focus, they were somewhat prepared for what was needed, and we were able to put it in place without a great deal of angst.
We established a site-to-site VPN between their office and their public cloud network. And we set up DNS between the two environments, which were not previously using the same DNS namespace.
MITCH: Andrew just a couple of more things. Looking toward the future once this crisis recedes, what recommendations would you give to clients to make them better prepared for such crises?
ANDREW: Well, to be fair, I’m still thinking through all the ramifications of what has happened here over the past month. I will say this, though: Pandemic planning needs to be a real item now. There needs to be real meat on that part of the business continuity plan. Businesses are going to have to realize that this can, and most likely will happen again in the not too distant future, and they have to know how they will provision equipment at the last second when everyone in their region is also provisioning equipment. Maybe it’s time to give every employee a laptop and docking station, even if they don’t normally work offsite — because you might need to do it suddenly.
MITCH: Do you have any advice you can give to consultants working in a similar field to your own? Any tips about what they should or shouldn’t be doing, both for the sake of their own businesses and those of their clients?
ANDREW: Understand that you cannot do it all. Even if you have a ton of experience, you need to have a little bit of a focus on what you do, and what you don’t do regularly. By teaming up with other people who have the right skills, you can adapt to emergencies or surprise projects by tapping into your network of associates. Also, in an emergency, be flexible. End-user support is not generally a part of my service offering, but over the past month, I did what was necessary to help my clients who were in an unbelievably tight spot. And they have been appreciative of it.
MITCH: Andrew, thank you very much for sharing some of your valuable time with us. Stay healthy and safe!
ANDREW: You’re very welcome, Mitch. I thank you again for this opportunity, and I encourage you and all your readers to be healthy and safe. This is a serious situation, and if we are smart and focused and manage our risks well, I hope that we will come out all right.
Featured image: Shutterstock