Running CRM behind firewall (with VPN) or online?

Hello all!

New guy here!

I have just decided to give SuiteCRM a go. I will install using Debian linux, but what is best practice? How do most of you run your CRM here? Do you:

  1. just put it online and use the build in login
  2. use some additional measures like placing the whole catalog behind a extra htaccess login
  3. run the CRM installation on a office network and use VPN to access it?

Putting it all out online is of course the most convenient, but getting hacked by the competition is probably very inconvenient. Putting it all behind a VPN is the most secure, but configuring VPN for users and their mobile devices is a pain.

So what is the most popular approach?

Introduction as in “who am I?” I have a long background as a developer mainly unix-centric and within search technology. Right now I am running Microsoft Dynamics (through no fault of my own). But I have three scratch built CRMs under my bel that I made for my own use. First I made a FileMaker CRM, then I wrote a Java Swing CRM with a MySQL backend. Then I started porting to LAMP with Bootstrap and got half way. Then realised I don’t have time like i used to. But I have some cool stuff that I hope to port and contribute! Like a module for quickly dialling and categorising leads for instance. I am currently thinking a lot about lead recycling as a whole “ecosystem” to canvas a market.

Generally most people just put it online. Some put it online but use https as an added layer of security. However some of our larger clients do use a VPN. Its really down to you.