Developing Secure and Ubiquitous Telework Environments at NTT Communications

1. Introduction

For many companies in Japan, the Great East Japan Earthquake of 2011 underscored the importance of work-style innovation in supporting power-saving measures, a business continuity plan (BCP), and further improvements in productivity. As a result, these companies are now taking a hard look at telework systems that enable employees to access the company’s office environment in a secure and ubiquitous manner from their homes or outside locations. At the same time, setting up an appropriate information and communications technology (ICT) environment is essential for introducing and promoting worry-free teleworking, but only a small percentage of companies are in the process of constructing a telework environment (Fig. 1(a)). The reasons given for not introducing telework are often system-related, as in concerns about information leaks and the high cost of implementation (Fig. 1(b)). Against this background, NTT Communications has been operating a cloud-based virtual desktop service called Biz Desktop Pro (Fig. 2) since June 2010 to provide safe, secure, and convenient access from anywhere at any time over the Internet and to support corporate telework efforts. After the earthquake, cloud features that enabled the creation of a telework environment in a relatively inexpensive and quick manner garnered high praise and the number of inquiries received at NTT Communications about Biz Desktop Pro increased by five times. The service also attracted much attention in the media, such as the Yomiuri Shimbun (article on April 4, 2011), Nikkei Shimbun (article on April 17, 2011), NHK News Watch 9, (broadcast on April 7, 2011), and Nippon Television NEWSZERO (broadcast on April 20, 2011). In this way, companies that had been reluctant to introduce telework for reasons of security or lack of in-house telework rules underwent a major change in telework awareness, which provided sudden opportunities for telework market expansion.

Fig. 1. Survey of corporate BCP measures.

Fig. 2. Overview of Biz Desktop Pro service.

2. Telework issues solved by Biz Desktop Pro

Biz Desktop Pro constructs a virtual personal computer (PC) environment within NTT Communications’ robust datacenter through the use of virtualization technology. The following features support the introduction of a corporate telework system.

(1) Use only as needed with low monthly fees

A virtual desktop environment has traditionally required system-engineering work for its construction, but its conversion to a cloud-based format lowers startup costs and enables it to be launched in a relatively short time. Furthermore, integrating the virtual desktop environment with the network eliminates the need to design, deploy, and operate center circuits as in the past, which facilitates implementation.

(2) Secure remote access

The use of a screen-transfer system means that absolutely no data is left on a terminal used at home or at an outside location. There is consequently no need to worry about information leaks even if the terminal should go missing. Moreover, double encryption and multifactor authentication prevent unauthorized access by eavesdropping, spoofing, etc., and the prevention of document printing, downloading, screenshot printing, etc. provides an effective countermeasure to security threats.

(3) Unified management of PC environment

In contrast to the past thin-client service, Biz Desktop Pro provides a number of important benefits. It simplifies and accelerates the deployment of PCs and the increase (decrease) of resources as the number of employees increases (decreases), prevents the unnecessary installation of applications, and enables uniform management of virus protection and data backup. It also enables home PCs and existing company PCs to be used as they are: there is no need for dedicated PCs.

3. Telework efforts at NTT Communications

NTT Communications had envisioned the need for BCP measures even during normal times before the crisis of 2011 and had established a remote work environment using Biz Desktop Pro (Fig. 3). In this environment, the user only has to insert a dedicated USB (universal serial bus) key into a home PC to log into his or her virtual PC environment and activate in-house security policies through a link established using Active Directory (a Microsoft service).

Fig. 3. Implementation of Biz Desktop Pro at NTT Communications.

Since NTT Communications had already implemented and promoted a system that enabled more than 1000 employees to work from home (telecommute) under a telework manager, it was able to use Biz Desktop Pro to continue most business as usual after the earthquake despite disruptions in public transportation. Moreover, during the power-saving period from July to September 2011, it was able to make a major contribution to reduced usage of electrical power by expanding target users to all 8000 or so company employees and getting more than 1000 employees per month to engage in telework (Fig. 4).

Fig. 4. Telework usage at NTT Communications (by day).

NTT Communications’ Tohoku branch office in the city of Sendai was directly affected by the Great East Japan Earthquake. Amidst the break in lifelines, disruptions in public transportation, and insufficient supply of consumer goods and other commodities, personnel at this location were able to get a barebones, provisional office up and running within one week of the disaster and to reopen for business using Biz Desktop Pro. However, as transportation services had not yet been completely restored even after the office had genuinely reopened, continuing with a telework format made it possible to sustain business operations without any major disruptions.

NTT Communications has promoted flexible application of telework on a variety of occasions, such as for telework trials envisioning the outbreak of new types of infectious diseases (starting in February 2011), as a countermeasure to commuting difficulties following the Great East Japan Earthquake (starting in March 2011), and to support power-saving measures (July to September 2011). Although telework adoption is still a work in progress, these instances of practical teleworking have helped raise awareness of its benefits on a company-wide level and enable telework to take root. Looking to the future, NTT Communications plans to further promote the advantages of telework beyond any particular locations or sites and to proactively expand and apply work-style innovation toward a work/life balance in addition to BCP support.

Since the introduction of a telework system in 2007 at NTT Communications, employees having child-care and care-giving responsibilities have been telecommuting on a two-days-per-week basis. In other words, NTT Communications itself puts telework into practice, and in addition to providing an environment in which employees can fulfill both work and family responsibilities, the company sees telework as a way of making more effective use of commuting time, raising employee motivation, and raising the efficiency of business operations. Based on these experiences, NTT Communications wishes to support the diverse work styles of its partners and customers from an ICT perspective.

4. Security technologies for telework environments

Security is the main concern in the implementation of a telework environment. Biz Desktop Pro specifies security policies from the four viewpoints of authentication, terminal, communication path, and server to achieve the level of security needed in the cloud era (Fig. 5).

Fig. 5. Security policies in Biz Desktop Pro.

(1) Authentication security

This policy strengthens security by combining multiple authentication factors in addition to ID (identification) and password. For example, USB key authentication and MAC (media access control) address authentication can be used for identifying the terminal, authentication of the originating IP (Internet protocol) address for identifying the communication path, and matrix pattern authentication and fingerprint authentication for identifying the individual. Appropriately selecting and combining such authentication factors maximizes the security level. Other practices or recommendations also help to enhance security. For example, common names for accounts are generally not allowed and measures for preventing password cracking such as requiring complex passwords (of at least eight alphanumeric characters) are provided.

(2) Terminal security

To prevent information leaks, this policy prescribes a mechanism that prevents document saving or data downloading from the in-house system to local home or outside terminals or to external storage media such as USB memory connected to a terminal. It also disables printing or use of the print-screen function from home or an outside location to prevent the outflow of actual data to points outside the company. At NTT Communications, home PC terminals used for company purposes are prevented from connecting if the definition file of their anti-virus software is not the latest version. This quarantine function serves to further enhance security.

(3) Communication-path security

This policy dictates the use of Remote Desktop Protocol (RDP) for performing secure transfer of only screen information on virtual PCs and ensuring that absolutely no data is left on home or outside terminals. Moreover, when an Internet connection is made, double encryption through SSL-VPN (Secure Sockets Layer virtual private network) and RDP makes for even stronger security.

(4) Server security

This policy calls for the creation of a firewall and server for each company and the division of the network into segments so that a security problem that by chance occurs for a particular company does not affect the operations of another company in any way. Anti-virus software is also installed as an additional measure to prevent virus infections, and network traffic and resources are constantly monitored 24 hours a day every day to watch out for unauthorized access, abnormal jumps in CPU (central processing unit) resource usage, etc.

5. Work-style innovation supporting the use of multiple devices

The dramatic spread of smartphones and tablets and the diversification of work styles in recent years have led many companies to proactively adopt a business style that uses mobile tools and a business environment that can make effective use of idle time when moving from one place to another.

Biz Desktop Pro supports multiple devices such as Android terminals and the iPhone/iPad to enable employees to access the same office environment using a PC inside the company and a smartphone or tablet outside. The end result is a work style independent of place or time that takes full advantage of the benefits of placing applications and data in the cloud and that enables the most suitable device to be used according to current conditions.

NTT Communications offers a telework environment using smartphones through the provision of Remote Office Solution (Fig. 6). This service packages the elements needed for a company’s remote office environment, such as mobile data communications (3G (third generation)), public wireless LAN (Wi-Fi local area network), smartphone terminals, 050IP phone applications, mobile device management tools, and a virtual desktop service (Biz Desktop). By using smartphones and tablets in this way to establish a new work style independent of place and time and to spread the positive effects of telework, NTT Communications seeks to improve the productivity of its sales force, speed up the management process, develop highly competent personnel, and raise moral, and by extension, improve company results.

Fig. 6. Overview of Remote Office Solution.

6. Concluding remarks

Telework is not a new word. Its benefits have been discussed for some time. Nevertheless, many companies are still reluctant to introduce a telework environment because of security concerns or the lack of in-house rules governing telework.

In addition to Biz Desktop Pro and Remote Office Solution introduced in this article, NTT Communications provides an extensive lineup of cloud services for achieving a safe and convenient telework environment. These include Biz Storage, Biz Mail (email), Work Box (scheduler), and services for checking on the well-being of others and for broadcasting information. With these services, NTT Communications naturally seeks to spread telework from an ICT perspective, but it also wants to apply its in-house experience and know-how in implementing a telework environment to providing its partners and customers with comprehensive support that includes methods for establishing telework rules and workplace environments.

References

[1]	FOMA. http://en.wikipedia.org/wiki/FOMA
[2]	OCN. http://www.ocn.ne.jp/english/