Awareness of the cloud as a compelling model for the consumption of IT functionality by businesses is growing. The benefits are increasingly well understood and the seismic shift from DIY IT to IT as a service from the cloud is already underway. Nevertheless, there is gap in the model that cloud service providers and vendors often like to gloss over: ‘What happens when I don’t have an Internet connection?’
Perhaps the most common response from the cloud sales person is ‘…well people can get an Internet connection almost anywhere now via the mobile telephone network…’
However, the problem is not going to go away anytime soon. There are a whole host of scenarios where users just can’t get a connection of any sort, let alone one that’s fat enough to make the use of the more bandwidth-hungry VDI-type cloud services viable. Many companies who want to take advantage of the cloud model operate internationally – the cloud expressly enables that – and Internet infrastructures vary considerably across countries. Equally, there are a surprisingly high number of difficult use case scenarios that need to be catered for. For example, we have been asked to deliver cloud-based business applications to remote users operating in locations like an oil rig in the Niger Delta, a ship crossing the Indian Ocean and a team operating in Cairo during the recent civil unrest when the authorities switched off Internet access for the entire country. In all of these examples, our users required the ability to work seamlessly, flexibly and securely offline.
So what are the options and what are the pros and cons?
Locally Installed Applications
The 'old faithful' reversionary option is to install applications locally on a laptop. This approach has the advantage of providing applications in a way that is familiar to the overwhelming majority of users and is probably the cheapest method of equipping users to work offline. However, there are drawbacks: the locally-installed applications have to be supported across a fleet of laptops; data has to be downloaded to be locally manipulated, which 'fragments' corporate data across multiple devices and renders it vulnerable to loss or, even more likely, theft. Of course, hard disk encryption of all corporate laptops is an option to protect locally-held data but it’s very expensive. This is arguably the least desirable approach to enabling users to work with important corporate file data outside the cloud platform or corporate network.
Applications on a ‘stick’
Another option is to provide applications on a USB memory stick. This approach provides a very convenient and flexible offline working capability using ‘localised’ applications on a range of host devices, although it requires the additional expense of virtualisation software to do it. At present, this approach can be problematic for a number of reasons. One fundamental problem is that most virtualisation software creates a self-contained ‘sandbox’ environment within which the applications run. To provide the applications to the user, the whole sandbox image has to be copied to the memory stick, which also means generally it can be copied off the memory stick, effectively enabling the software applications to be 'pirated' to an unlimited extent by an unscrupulous user. Like the use of locally-installed applications, this approach also fragments data over multiple USB sticks which are often insecure; if a stick gets lost so does the data and corporate applications that can be readily pirated.
Local VDI Image
VMware View is a VDI cloud solution aimed at enterprises that has made provision for users to work offline. This is done through the creation of a ‘Local Mode’ of the virtual desktop image. The idea is that the user can create an encrypted local image of their virtual desktop on their laptop and can then use it to work offline, which sounds like a good approach in principle. However, the fundamental problem with this approach in practice is that downloading the VDI image is a very convoluted process, which has to be conducted on the company network and involves downloading VDI images of at least 5GB. This is not really practical even on a WAN connection let alone a VPN connection via the Internet.
This approach also requires files that are to be worked on offline to be moved to the user’s virtual desktop image before it is downloaded. This fragments corporate data across multiple desktop images, and even though the users can synchronise their desktop images back to the corporate cloud (but only via large capacity bandwidth connections), the file data is still locked into each user’s VDI image, which means it’s not available to other users in the organisation.
Secure Portable Workspace
Secure Portable Workspace is a new approach to the offline working challenge. An example of this approach is Extrinsica Secure Edge. This provides a USB-sized hardware-encrypted device that has its own virtualised workspace, which can be used with any windows operating system on any host computer. When offline, the user can run the software applications they require to work from the virtual workspace and they can be prevented from copying anything off the device. If the host computer has an Internet connection, the device can act as a secure access point to the user’s cloud platform, allowing the use of their cloud-based apps. Any file data which is changed or created using the localised apps offline is automatically and securely synchronised back to the cloud platform as soon as an Internet connection of any bandwidth is detected – even a very low bandwidth mobile telephone network connection.
This approach is designed to provide the same ease-of-use, flexibility and practicality as locally-installed apps but via portable workspace that separates and secures applications and data from the host computer and synchronises remotely-created data back to the corporate file store automatically. Nevertheless, the sophistication of the product/service means that while it solves many, if not all, of the drawbacks of the other methods, it is not the cheapest option.
Bottom Line
There are a variety of ways to work offline with cloud services. Some are relatively cheap and easy to make available to users but have substantial operational drawbacks; others are more sophisticated, offering comparable flexibility, but better security and data aggregation capabilities. As with most things, the cost of the solution chosen will increase in line with its sophistication and the degree to which it solves the operational challenges. Ultimately, you’ll get what you pay for.
Simon Smith is the managing director of Extrinsica
