Users on the road are the first to say they need a fast, simple and secure connection to their home offices. With the increasing deployment of groupware programs, this has greatly intensified; E-mail and other network data can be crucial.

There are two ways to remotely access a groupware system, according to industry analysts. The standard method is to dial into a network using a modem and remote-control software such as Carbon Copy from Microcom Inc., Close-Up from Norton-Lambert Corp. or CO/Session from Triton Technologies Inc. This method gives users access to everything on the network except the data on a local PC hard drive.

Another way is for the groupware system to have a remote-access feature built-in, such as in Lotus Development Corp.’s Notes and Futurus Corp.’s Team. This enables the user to establish a direct link to the groupware system without going through the time-consuming process of logging on to the network server.

Although this type of direct connection may leave users without access to other network resources, some packages contain programming options that allow users to access other software on the network via the direct link with the groupware system, bypassing the need to actually log in to the network with remote-control software.

Beyond Inc., of Cambridge, Mass., includes a development feature called BeyondRules in its BeyondMail E-mail program that can be programmed to retrieve data from other network applications for specified remote users, according to company officials.

Fort Howard Corp., a paper-goods manufacturer, uses BeyondMail to connect its roughly 270 sales representatives to the main office, said Rob Williams, a PC analyst with the Green Bay, Wis., company. The company uses BeyondRules for its nightly compilation and distribution of sales reports to reps in all major U.S. cities and Puerto Rico. The database of information is stored on the mainframe at Fort Howard’s headquarters.

“What the rep receives is based on their user ID, which is based on territory, and the appropriate reports are passed on to their PC,” said Williams.

Remote links may sound simple in theory, but problems can pop up in practice: Limits to the number of remote users logging on can result in a busy signal; live connections are not always reliable, especially at low modem speeds; and finding a telephone line where a modem can be plugged in can be difficult in an airport or on a train.

Network administrators agree that 9,600 bps is the minimum speed they would use to establish a remote link. Anything less would be impractically slow.

“I expected that we’d have to use 9,600 [bps], otherwise we’d be working at a crawl,” said Scott Joy, project manager at Liberty Mutual Insurance Co. The Portsmouth, N.H., company uses Instant Update and Meeting Maker from ON Technology Inc., of Cambridge Mass., to coordinate activities and collaborate on status reports.

Some groupware products are constructed in a way that allows remote users to work off-line. Users of Futurus Team Remote do this and then connect to the Futurus Team groupware system to simultaneously upload the work they’ve done and download all activity that has occurred on the main system.

Lotus Notes also allows users to work off-line, according to Cindy Schuyler, product manager for Notes. Notes, one of the more complex groupware products, includes a feature that allows databases to be replicated. Before a user leaves the office, all the necessary databases can be replicated onto a laptop for use on the road. Whenever a remote link is established, the laptop replica is kept in sync with the master through a database exchange where all changes to both databases since the last connection are exchanged.

Priority 1: security

Once remote users have found a reliable means of connection to a groupware system, security becomes a big issue. A user’s password and the data on the network can be vulnerable when connections are made via public telephone lines.

Security can be built-in at several levels. Although all network operating systems use some sort of security, most groupware packages contain additional features ranging from simple passwords to data-encryption and user-access codes.

The most widely accepted, Data Encryption Standard (DES), endorsed by the National Institute of Standards and Technology, uses a randomly selected number as a key for a numerical combination that scrambles data for transmission. The same key is needed to unscramble the data at the other end, ensuring that only the intended recipient will gain access to the message.

The vast number of numerical combinations that can be created using DES makes it a very secure way to send data over both local and wide area networks, analysts say.

A more complicated encryption method, called RSA public key encryption and developed by RSA Data Security Inc., assigns two mathematically related “keys” to every user. The public key encrypts messages and the private key decodes them. Although the keys are numerically related, the number of variations is so vast that it is virtually impossible to break the code, according to analysts. Lotus Notes uses RSA technology in its user ID system and uses encryption and digital-signature features on a message-by-m essage basis.

Notes also contains several layers of security to monitor which parts of the system various users are authorized to access. Notes servers and databases both have access control lists (ACLs), which allow each individual database and server to be programmed to allow or deny access to certain users. User IDs must be recognized by the server or database that is being accessed.

Priority 2: more security

In addition to these widely used methods, other hybrids and unique technologies for security abound.

BeyondMail, for example, uses a combination of passwords and encryption for security. The sender uses a password to encrypt a message and the recipent uses the same password to decrypt it.

Kerberos, a security system developed at the Massachusetts Institute of Technology in Cambridge, Mass., establishes the authenticity of a user upon log-on. Once a user’s password has been authenticated, a server grants a “ticket” for that particular session. The ticket contains the user’s name and password, the name of the server the user would like to access, the location of the user and the time the ticket was granted. The information in the ticket is then encrypted, giving the user secure access to the network.

Call-back features are another way of confirming a remote user’s identity. This technology enables the network to call a user back after the user has dialed into the network or groupware system.

There are two benefits to this potential setup, said Michael Joseph, a network administrator with Imaging Technology Inc. in Bedford, Mass. “The remote user would not have to pay for the call, and it would also be a way of confirming the caller’s identity since only calls from predetermined telephone numbers could be returned.”