4 Essentials For Mobile Device VPNs - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile // Mobile Business
02:43 PM

4 Essentials For Mobile Device VPNs

VPNs for smartphones and tablets have different requirements than laptops. Here's what you need to know.

Smartphone Personality Test: Can You Judge Me Now?
Smartphone Personality Test: Can You Judge Me Now?
(Click image for larger view and slideshow.)

Smartphones and tablets are now essential workplace tools, but IT and security teams struggle to find the right balance between enabling access and protecting corporate information. This challenge is particularly acute when the company doesn't own the device.

As a result, organizations must stitch together both policies and tools to cover data security requirements. One tool is the mobile VPN, which encrypts traffic between a smartphone or tablet and a corporate gateway.

The encryption prevents information from being snooped while in transit across both wireless and wired networks. It can also help prevent employees and third parties from reaching parts of the corporate network they don't require access to.

According to InformationWeek's 2014 Mobile Security Survey, securing data in transit is one of the top three initiatives among respondents.

[No one cares about your data like you do. See 3 Enterprise Security Tenets To Take Personally.]

When it comes to choosing a VPN technology, there are four key factors your enterprise should consider.

1. Support for all connection mediums
VPNs should encrypt communications over any type of connection an employee uses to access the corporate network, whether a mobile hotspot, cellular connection, or public WiFi.

In addition, the VPN should provide seamless roaming. This ensures the user doesn't need to re-establish the connection or manually adjust settings when connecting to different mediums, such as moving from a WiFi connection in a café to a cellular service out on the street.

2. Compatibility with multiple operating systems
As the BYOD trend grows, along with the number of device and software options, network administrators will have less control over the operating systems employees use. The InformationWeek Mobile Security survey bears this out: 43% of respondents allow employees to bring in any device, as long as users agree to certain policies. Another 9% allow devices without any restrictions.

This means a VPN should be able to support a majority of the leading operating systems -- Windows, Android, Linux, Apple's offerings, and, ideally, a number of smaller platforms.

3. Policy flexibility
Network administrators may need to adjust backend settings to keep a VPN connection open for a different period of time depending on the user's device.

Say a mobile device goes idle more often than a laptop. Should it disconnect from the VPN tunnel each time to prevent possible third-party infiltration? Or should it remain on, so that it's easier for employees to access the VPN? Administrators need the flexibility to determine the option that best fits their requirements.

4. Interoperability with existing infrastructure
A VPN should be part of a reliable remote access infrastructure, so that the integration of new end devices into the established framework is as seamless as possible. It's important to gather information about how a VPN will operate within whatever infrastructure the company maintains.

If a product doesn't mesh with an existing network security framework, then it's not going to be of much value. As more advanced threats proliferate, interoperability between network and security components is vital.

It takes more than just a VPN to protect mobile devices and corporate data. But VPNs used in conjunction with mobile device management, access control, and application management, as well as an educated employee base, will go a long way to reducing the risks presented by mobile devices.

How cloud, virtualization, mobility, and other network-altering trends impact security -- and the IT pros responsible for infrastructure protection. Get the Network Security Career Guide issue of Network Security today.

Patrick Oliver Graf is General Manager, Americas, of NCP Engineering. His company sells its remote-access VPNs to government agencies and other organizations. A total of 24 federal, state, and local agencies have equipped themselves with NCP's technology for fast, secure ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Thomas Claburn
Thomas Claburn,
User Rank: Author
10/31/2014 | 4:13:24 PM
Personal VPNs?
Who would you recommend as a VPN service provider for an individual concerned about security?
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

New Storage Trends Promise to Help Enterprises Handle a Data Avalanche
John Edwards, Technology Journalist & Author,  4/1/2021
11 Things IT Professionals Wish They Knew Earlier in Their Careers
Lisa Morgan, Freelance Writer,  4/6/2021
How to Submit a Column to InformationWeek
InformationWeek Staff 4/9/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Successful Strategies for Digital Transformation
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll