Do you ever leave the office to visit clients or share information with your business partners? If yes, you may want to consider creating an extranet portal. What exactly is an extranet portal? It is a website that permits controlled access from outside an organization’s network, or in layman’s terms, controlled external access to your intranet.
More often, our customers have been showing interest in making their intranet site accessible outside of the confines of their headquarters. The reasons behind this push are as varied as the industries our customers are from. But perhaps two of the most compelling reasons are:
On-Demand Intranet Access
External User Access
Increasingly, organizations are finding the need to grant users who are not members of the organization access to their intranets. But many intranets contain sensitive or private information, especially Financial Intranets and Healthcare Intranets. Given the security concern, organizations turn to creating an extranet portal, which allows users outside of the organization to access only portions of the intranet, based secure permissioning.
Provision Your Extranet Portal
There is immense value in collaborating and centralizing your information on an extranet portal. However, the question is how do you provision an extranet? The foundation is to create an engaging sub-site only accessible to external users and redirect these users on login to your extranet portal. The following is a brief process on how to execute provisioning a new extranet portal:
Choose a Consistent URL
You will need to choose an address that can be easily accessed at your headquarters, as well as from outside your organization. You will need to make DNS configurations to assign a public IP to your intranet portal and likely allow traffic through your firewall to make it externally accessible.
Your users will want to finish their online tasks quickly, even more so when they are on the road. For this reason, the most frequently accessed resources should be plainly visible from the home page of your intranet. The same goes for your external users outside of the organization. Find out what the most important information is for those external users to access, and only include those items on your extranet portal. Anything required by external users should be laid out for them on your extranet.
In the Google era, users expect to get information after a quick search. Make sure you describe your content well, so it shows up on the top of the search results list when your users search. Utilizing our latest product release, Super Search, whatever your users search for should be at the top of the list, but if it doesn’t appear right away, it could need some more filtering (i.e. by author, by document, by publish date). If you describe it well, your users shouldn’t even have to use the filtering option.
Your intranet is simple, clean and easy to navigate, the same should be said about your extranet. Whether its users accessing it from on the road, or an external user accessing it, you want to keep your extranet sub-site simple so that extranet users can find what they need quickly.
Secure your Extranet Portal
Having access to your intranet from anywhere is great! But it goes without saying that you want just the right people accessing this information. A common concern for organizations granting external users access to their intranet is the possibility of sensitive data being seen by unauthorized users. With the different security permissions available on your intranet, you can secure your extranet portal to ensure this doesn’t happen.
Follow these tips to mitigate the risk of unauthorized access:
- Lockdown the web administrator for your server (ColdFusion, Railo, etc), separate the administration from the content on your servers. On your server, you can limit access to the administration area to specified IP addresses, while allowing content to be viewed from a variety of locations.
- Make use of Secure Socket Layer (SSL) certificates to make sure your information is encrypted as it moves between clients and the server making it more difficult for people to sniff out information.
- Firewall programs, virtual machines and other server-based processes are constantly offering updates to stay one step ahead of intruders. Stay on top of each of these, while being mindful that they don’t affect the proper functioning of your website.
- Be strict. You can set individual user’s permissions, so that they only can see what they need to see: nothing more, nothing less. It is best to target the minimum access requirements first and expand as the need grows.
- Prevent direct file access to uploaded content by moving your upload location outside the web root. You can do this using our File Migration Utility (link).
- Stop your intranet site from being indexed by Google, Bing, and other search engines by deploying a robots.txt file in the root.
Now you should have the tools to provision your own extranet portal. Still need some help? Comment below, I am happy to assist!