Get best of the week

Our remote work experience in creating online stores



Today, the reality is that due to quarantine and coronavirus, many companies have to think about how to provide remote work for their employees. Almost every day, articles appear that reveal both the technical and psychological aspects of the transition to remote work. At the same time, vast experience has already been accumulated in such work, for example, by freelancers or those IT companies that have long been working with employees and customers living all over the world.

Transferring a large IT company to remote work may not be easy. However, in many cases, you can do with well-known tools and techniques. In this article, we will review our remote experience from the technical side. We hope that this information will help companies adapt to new conditions. I would be grateful for any comments, suggestions and additions.

Remote access to company resources


If an IT company works in an office, then, as a rule, there are system units, laptops, servers, printers and scanners, as well as telephones. All this is connected to the Internet through a router. Our company in the early years of its existence housed just such equipment in the office.

Now imagine that you need to quickly, in 1-2 days, send all employees home, and even so that work on projects does not stop. What to do in this case?

With laptops, everything is clear - employees can simply take them with them. System units and monitors are more difficult to transport, but still it can be done.

But what to do with servers, printers and phones?

Solving the problem of access to servers in the office


When employees move home, and the servers remain in the office and there is someone to look after, it remains only to solve the issue of organizing secure remote access for employees to the servers of your company. This is a job for the system administrator.

If Microsoft Windows Server is installed on office servers (as we had in our early years), then as soon as the administrator sets up terminal access using the RDP protocol, employees will be able to work with the server from home. It is possible that you will have to purchase an additional license for terminal access. In any case, employees will need a computer with Microsoft Windows at home.

Servers with Linux OS will be accessible from home and without the purchase of any licenses. It will be enough for your company administrator to configure access via protocols such as SSH, POP3, IMAP and SMTP.

If this has not yet been done, then to protect the servers from unauthorized access to the administrator, it makes sense to at least install a firewall (firewall) on office servers, as well as configure remote access for your employees using a VPN. We use OpenVPN software, which is available for almost any platform and operating system.

But what if the office closes completely with all servers turned off? There are four options left:

  • if possible, completely switch to cloud technologies - use a cloud CRM system, store general documents on Google Docs, etc .;
  • transport servers home to the system administrator (he will be happy ...);
  • move the servers to some data center that agrees to accept them;
  • rent server capacities in the data center or in the cloud

The first option is good because you do not need to transfer and install any servers. The results of the transition to cloud technologies will be useful to you further, they will save money and effort on maintenance and maintenance.

The second option creates problems at home with the system administrator, since the server will be around the clock and quite a lot of noise. And if the company has not one server in the office, but a whole rack?



Transporting servers to a data center is not easy either. As a rule, only servers suitable for installation in a rack can be placed in a data center. At the same time, the office often uses servers in a Big Tower type enclosure or even ordinary desktop computers. It will be difficult for you to find a data center that agrees to host similar equipment in your home (although there are such data centers, for example, we placed it in the PlanetaHost data center). You can, of course, rent the right number of racks and mount your equipment there.

Another problem with moving servers to the data center is that you will most likely need to change the IP addresses of the servers. This, in turn, may require reconfiguring the server software or making changes to some software licenses if they are tied to IP addresses.

The option of renting server capacities in a data center is easier in terms of the lack of the need to transport servers somewhere. But your system administrator will have to reinstall all the software and copy the necessary data from the servers installed in the office.

If your office technologies are based on the use of Microsoft Windows, you can rent a Microsoft Windows server in the data center with the required number of terminal licenses. Take one such license for each of your employees working with the server remotely.

Renting physical servers can cost 2-3 times cheaper than renting virtual servers in the cloud. But if you need very small capacities, and not a whole server, then the option with the cloud may be cheaper.

The increased price of cloud resources is a consequence of the reservation of hardware resources in the cloud. As a result, the cloud will probably be more reliable than a rented physical server. But here it is already necessary to assess the risks and count the money.

As for our company, which is engaged in the creation of online stores, then all the necessary resources with us have long been in data centers and are available remotely. These are proprietary and leased physical servers that are used for hosting stores, as well as virtual machines for software developers, layout designers and testers.

Transfer jobs from office to home


As we already said, employees can simply take their work computers with them - laptops or system units with monitors. If necessary, you can buy new laptops for employees by ordering their home delivery. Of course, new computers will have to install the necessary software, which will lead to additional time costs.

If employees already have home computers with Microsoft Windows, then they can use them as Microsoft Windows Server terminals or to access Linux servers. It will be enough to configure VPN access.

Our employees work both on Windows and Linux. We have very few Microsoft Windows servers, so there is no need to purchase terminal licenses for this OS. As for access to resources located in data centers, it is organized using a VPN and is additionally limited by firewalls installed on each server.

Do not forget to provide employees working at home with headsets (headphones with microphones) and a video camera. This will allow you to communicate remotely with great efficiency, almost like in an office.

Many people try to control what employees do during working hours at home by installing various specialized monitors on their computers. We never did this, we controlled only the results of work. As a rule, this is quite enough.

What to do with the printer and scanner


Web site software developers rarely need printers and scanners. However, if such equipment is necessary for employees, there will be a problem when switching to remote work.


Typically, an office MFP is installed, high-speed, large and heavy. Yes, you can send him home to such an employee who needs to print and scan most often. Unless, of course, this employee has the opportunity to host him.

But if many of your employees often scan and print documents, you will have to purchase MFPs and install them at home, or change the company's business processes.

As an alternative to the transportation and acquisition of new MFPs - an accelerated transition to electronic document management wherever possible.

Work with paper and electronic documents


Itโ€™s best if you manage to translate the entire document flow into electronic form before switching to remote work. For example, we use DIADOK for the exchange of accounting documents, and we pay bills through a client-bank.

When introducing such a system, it will be necessary to provide all employees involved in electronic document management (for example, accountants) with key fobs with an enhanced qualified electronic signature. It may take some time to get such trinkets, so it is better to be puzzled by this question in advance.

In DIADOK (as in similar services), you can configure roaming with other electronic document management operators. This will be required if the contractors use other workflow systems than yours.

If you or some of your contractors work with documents in the old fashioned way, you will have to send and receive ordinary paper letters with a visit to the post office or calling couriers. In the case of quarantine, such operations will have to be minimized.

What to do with telephony


In the first years of work, our company used landline and mobile phones. However, we very soon realized that with a large number of employees and customers we need some more adequate solution.

The most convenient for us was a virtual PBX from MangoTelecom. With its help, we got rid of binding to city phone numbers (and hence the physical location of the office). We also got the opportunity to integrate the PBX with our CRM, record customer service conversations, set up call forwarding, etc.

Next, you can install the virtual PBX application on a smartphone, laptop or desktop computer. This will allow you to make calls to Russian numbers or receive calls at domestic rates even from abroad.

Thus, the virtual PBX allows you to make the move of employees from office to home almost invisible in terms of business continuity.

If you use an office PBX, and when it is switched off, it is inevitable that it will shut down, consider switching to a virtual PBX. Find out from your telephone provider if it is possible to enable call forwarding from the city numbers of the office PBX to the incoming numbers of the virtual PBX. In this case, when switching to a virtual PBX, you will not lose incoming calls.

As for calls between employees, when working with a virtual telephone exchange, such calls, as a rule, are not charged.

Remote selection and training of employees


Replenishing the staff, in the early years of our company, we always invited candidates to the office, conducted classic interviews and gave assignments. Next, we engaged in the office of individual training for beginners in the office.

However, over time, we switched completely to remote selection of personnel.

The initial selection can be carried out using the tests attached to the vacancy on the HH website or some other recruiting service. I must say that, with proper preparation, these tests allow you to filter a significant number of candidates who do not meet the requirements.

And then everything is simple - we use Skype. Using Skype and always with the camcorder turned on, you can conduct an interview no less effectively than if the candidate was sitting next to the table.



If there are certain disadvantages, Skype has very important advantages over similar systems. First of all, via Skype you can organize a demonstration of the desktop of your computer, and this is very necessary when training and discussing working issues. Further, Skype is free, available on all major platforms, and it is easy to install on a computer or smartphone.

If you need to organize a meeting or train several employees, just create a group in Skype. Using the demonstration of his desktop, the speaker or teacher can bring to the meeting participants all the necessary materials. At the same time, in the chat window, you can publish links, text messages, exchange files or conduct dialogs.

In addition to classes on Skype, we are preparing training films (using the Camtasia Studio program, but you can use what you are used to). If these films are for internal use only, then we post them on our servers, and if for all, then on YouTube.

In most cases, this combination of educational films, Skype group classes with dialogue and desktop demonstrations, as well as individual communication between the teacher and students allows us to conduct training remotely.

Yes, there are services designed to demonstrate the desktop to a group of users, to conduct webinars, and even training platforms (including free ones). But for all this you need to pay either with money or with the time spent studying the methods of working with the platform. At the same time, free platforms may become paid. At the same time, Skype will be sufficient in many cases.

Project Collaboration


In the course of joint work on projects, we hold daily and weekly meetings, use pair programming and code reviews. Skype groups have been created for meetings and viewing the code; if necessary, desktop demos are used. As for the code, it is stored in our GitLab server, which is located in the data center.

We will organize collaboration on documents using Google Docs.

In addition to all this, we have an internal Klondike knowledge base integrated with the application processing and resource planning system (our CRM and ERP). These tools, located on servers in the data center, we have created and improved over the years. They allow us to efficiently process numerous applications from our customers, appoint performers, conduct discussions on applications, take into account working hours and do much more.

Most likely, your company is already using something similar, and when switching to remote work of employees, it will be enough to provide remote access to relevant resources.

Remote user support


Our users are owners and managers of online stores operating in almost all regions of Russia. Of course, we support them remotely.

Our support service works through a ticket system, answers questions by e-mail and phone, chatting through the administrative website of the online store and the website of our company.

At the stage of discussing tasks, we use any messengers available to the client, for example, Telegram, WhatsApp, Skype.

Sometimes it becomes necessary to see what the client does on his computer. This can be done via Skype in the desktop demo mode.

If necessary, you can remotely work at the user's computer using tools such as TeamViewer, Ammee Admin, AnyDesk, etc. To use these tools, the client will have to install the appropriate software on their computer.

VPN Access Setup


We have OpenVPN servers installed on virtual machines located in different data centers (using Debian 10 OS). The OpenVPN client is installed on the working computers of our employees in the environment of Debian, Ubuntu, MacOS and Microsoft Windows.

On the Internet you can find a lot of instructions for installing the OpenVPN server and client. You can also use my OpenVPN Installation and Configuration Guide .

I must say that the manual procedure for creating keys for employees is very tiring. To connect a new user in no more than ten seconds, we use a script similar to the one below under the spoiler.

Script for creating keys
#!/bin/bash

if [ -z "$1" ]
then
echo "============================================================="
echo "VPN -- Generate crt key pair"
echo "============================================================="
echo "Usage:  bash gen.sh username"
exit
fi

echo "============================================================="
echo "VPN -- Generate crt key pair for user: $1"
echo "============================================================="

ADMIN_EMAIL="admin@mycompany.ru"
USER=$1

RSA="/home/ca/easy-rsa-master/easyrsa3/"
PKI="$RSA"pki/
PKI_KEY="$PKI"private/
PKI_CRT="$PKI"issued/
USR_CRT="/home/ca/cert_generation/user_crt/"
USR_DISTR="/home/ca/cert_generation/user_distr/"

# If user key does not exists, create it

if [ ! -f "$PKI_KEY$USER.key" ]
then
  echo "File $PKI_KEY$USER.key does not exists, creating..."
  cd "$RSA"
  ./easyrsa build-client-full $USER nopass
fi

# Removing user folder, if exists

if [ -e "$USR_CRT$USER/" ]
then
echo "Already exists, removing user folder $USR_CRT$USER..."
rm -r -f "$USR_CRT$USER/"
fi

# Create user folder for key and other files

mkdir $USR_CRT/$USER/

# Copy OpenVPN key, cert and config files to user folder

cp "$PKI_KEY$USER.key" "$USR_CRT$USER/$USER.key"
cp "$PKI_CRT$USER.crt" "$USR_CRT$USER/$USER.crt"
cp "$PKI"ca.crt "$USR_CRT$1"

cp "$USR_DISTR"ta.key "$USR_CRT$USER"
cp "$USR_DISTR"openssl.cnf "$USR_CRT$USER"

# Copy Manual files

cp "$USR_DISTR"readme_vpn_win.txt "$USR_CRT$USER"

# Replace string "change_me" in configuration files whis user name $USER

cp "$USR_DISTR"server.conf "$USR_CRT$USER"/server.conf.1
cp "$USR_DISTR"mycompany_vpn.ovpn "$USR_CRT$USER"/mycompany_vpn_$USER.ovpn.1
cp "$USR_DISTR"readme_vpn_win.txt "$USR_CRT$USER"/readme_vpn_win.txt.1

sed "s/change_me/$USER/g" "$USR_CRT$1"/server.conf.1 > "$USR_CRT$1"/server.conf
rm "$USR_CRT$USER"/server.conf.1

sed "s/change_me/$USER/g" "$USR_CRT$1"/mycompany_vpn_$USER.ovpn.1 > "$USR_CRT$1"/mycompany_vpn_$USER.ovpn
rm "$USR_CRT$USER"/mycompany_vpn_$USER.ovpn.1

sed "s/change_me/$USER/g" "$USR_CRT$1"/readme_vpn_win.txt.1 > "$USR_CRT$1"/readme_vpn_win.txt
rm "$USR_CRT$USER"/readme_vpn_win.txt.1

# Create tar.gz and send it to administrator e-mail

tar -cvzf "$USR_CRT$USER/$USER.tar.gz" "$USR_CRT$USER/"
echo "VPN: crt, key and configuration files for user $USER" | mutt $ADMIN_EMAIL -a $USR_CRT/$USER/$USER.tar.gz -s "VPN: crt, key and configuration files for user $USER"

echo "--------->  DONE!"
echo "Keys fo user $USER sent to $ADMIN_EMAIL"


This script is passed the user identifier (using Latin letters) as a parameter at startup.

The script asks for the password Certificate Authority, which is created when the OpenVPN server is installed. Further, this script forms a directory with all the necessary certificates and configuration files for OpenVPN clients, as well as a documentation file for installing the OpenVPN client.

When creating configuration and documentation files, the user ID is substituted for change_me.

Next, the directory with all the necessary files is packaged and sent to the administrator (the address is specified directly in the script). It remains only to forward the resulting archive to the user at his email address.

We hope that you can spend your home imprisonment period profitably. Having worked out the methods of working without an office, perhaps you will continue to actively use the work of remote employees.

Good luck in moving and fruitful work at home!

More articles:


All Articles