Innovations
VPNot Yet: Why Nonprofits Have Been Slow to Catch on to Virtual Private Networks
June, 2002
|
There is an economic logic to this approach. But too often such decisions are made without consideration of the full range of options available to buyers - or without full understanding of a tool's potential. Virtual Private Networks (VPNs) are an example of the kind of technology that many agencies are unfamiliar with or simply overlook. |
While a simple and effective idea, VPNs are found in very few nonprofits. Why has there been such a slow adoption? |
What is a VPN?
VPNs are a variant on the "old" idea of a Wide-Area Network (WAN). WANs typically link two or more networked offices to each other via a line of cable laid by private contractors. These offices can then share their resources and communicate as one. But given the cost of materials and manpower, connecting geographically disparate users is usually an expensive proposition.
The only NPOs using WANs today are those large enough to occupy several offices, with each office situated near enough to justify a WAN's capital costs. If these offices are located further than a mile apart, only the largest NPO can afford to connect them. Consequently, WANs are implemented rarely and only when necessitated by physical limitations.
While just as scarce, VPNs are comparatively inexpensive and require little additional hardware. This is because a VPN takes the WAN idea and brings it online using the strong computers powering the Internet as its backbone.
A useful metaphor for virtual private networking is the construction of an exclusive tunnel within the larger channels of the Internet. Such tunneling is accomplished using special software and security protocols, allowing distant computers to communicate quickly and directly in a language that only they can interpret. Since the tunnel does not make use of many intermediaries (all computers communicate through a central server) the network is not as dependent on outside service providers. Theoretically, users are limited only by the capacity of their machines and their dial-up/DSL accounts.
Once established, a VPN works like any local-area or wide-area network, with real-time file swapping, communications and shared resources (such as databases). As with cabled networks, everything is monitored and controlled by a single system administrator using a central server. All troubleshooting and backup sessions are accomplished in a single place. The difference is that users can be in the next room, a half a block away, or in a neighboring country.
Who Can Use VPNs?
VPNs make good on the Internet's promise to shrink geographical distance on a scale dwarfing that of cabled networks. This quality makes VPN technology appropriate for a wide range of nonprofits, from intercontinental relief efforts to neighborhood coalitions. VPNs are an ideal choice for organizations that must coordinate the work of several neighborhood offices or that have outreach workers relaying time-sensitive information. With the proper setup, agencies with mobile components, such as voter registration centers or temporary health-care units, may also find VPNs useful.
VPNs are also representative of the corporate trend towards web-based solutions for what are traditionally brick-and-mortar problems (like sharing resources). Many companies have found that the ability to e-mail important documents without security, backups or centralized copies for authorization purposes, has created more confusion than it's worth. To this end,VPNs provide a controlled "back door" for these communications, making sure that important transmissions are secure and not subject to the vagaries of individual e-mail and diskette.
Given this corporate trend, why are there no "best practices" available for nonprofits who wish to implement similar solutions- For a variety of reasons momentum has not built up behind the wide-scale adoption of VPN technology. One of these reasons is certainly VPN's association with traditional WAN technology's exorbitant cost. This perception is incorrect. But as it turns out, VPNs have their own pitfalls and hidden costs.
The Fine Print
| The first complication lies in the setup. While Microsoft now bundles a VPN solution into its Windows NT software, the wide range of security and structural options (which used to be more or less defined by the wiring and hardware in your office) remain confusing. There is a thicket of security and user options to be negotiated in constructing any network. VPNs have the added dimension of web-based transactions. The hardware required for a secure VPN must then include a sturdy firewall and a host of software protections. Each of these components has a cumbersome setup. But securing the entire length of your virtual tunnel is clearly necessary. | Reduced security is always an option, but entails risks that may violate the very purpose of a VPN - a tunnel with holes always develops structural problems. |
Another disadvantage of VPNs is that the tunnel is smaller than the conduits for most online activity, and therefore upload/download lag-time can be significantly increased if a user has less than DSL-quality speed. Likewise, remote work on databases and other applications can be a trying experience.
The extra steps - sign-on screens and security codes - that a tightly secured VPN can throw into the mix also lengthen user experiences. Typically, secure VPNs also timeout occasionally, forcing users to go through the entire security process again. In addition to the added annoyance, such failsafes add to the time spent online, which in the case of a dial-up connection or an hourly-wage employee may prove a cost in itself.
Security can be minimized to a single sign-on screen - leaving every resource available to every user - but with unavoidable risks. What sort of balance should be struck- "Secure them," advises TechSoup guru Roger Rustad, "But not at the expense of people not being able to do their jobs."
The Hidden Cost
As with any new technology, start-up costs will include software licensing, maintenance, upgrades and often hardware purchases (such as external firewalls and faster modems). While these costs are nowhere near the order that WANs demand, they can add up.
The hidden cost, and one which system administrators often ignore, is training. The web-based interface bundled into most VPN software can be a maze for the uninitiated; imagine a windows environment stuck inside a web browser. Employees may revolt when faced with a new tool that eats up their online time, requires multiple sign-in procedures and features more pop-up boxes than a free browser. Without comprehensive training, the implementation of a VPN can lead to a slow, grudging adoption by employees - particularly when they are located at different sites.
Still, Corporate America has recognized that most of these issues can be addressed as one-time costs and that the long-term benefits are manifold. While secure communication can be achieved through PGP keys, real-time instant messaging is common, and diskettes will always be a decent currency, only a VPN can bring these elements together in a cost-effective way. A properly used VPN cuts transportation and time costs, centralizes and secures communication and continually backs up important files.
Are VPNs in Nonprofit's Future?
As demand grows for neighborhood-based services, more efficient outreach and comprehensive data collection, VPNs will eventually shed their bad reputation. Costs have already come down considerably, while both maintenance and user-experiences are becoming easier. It seems inevitable that VPNs will one day be used by many organizations reaching out to fieldworkers and neighborhood populations.