4 Essentials For Mobile Device VPNs - InformationWeek
IoT
IoT
Mobile // Mobile Business
Commentary
10/31/2014
02:43 PM
100%
0%

4 Essentials For Mobile Device VPNs

VPNs for smartphones and tablets have different requirements than laptops. Here's what you need to know.

Smartphone Personality Test: Can You Judge Me Now?
Smartphone Personality Test: Can You Judge Me Now?
(Click image for larger view and slideshow.)

Smartphones and tablets are now essential workplace tools, but IT and security teams struggle to find the right balance between enabling access and protecting corporate information. This challenge is particularly acute when the company doesn't own the device.

As a result, organizations must stitch together both policies and tools to cover data security requirements. One tool is the mobile VPN, which encrypts traffic between a smartphone or tablet and a corporate gateway.

The encryption prevents information from being snooped while in transit across both wireless and wired networks. It can also help prevent employees and third parties from reaching parts of the corporate network they don't require access to.

According to InformationWeek's 2014 Mobile Security Survey, securing data in transit is one of the top three initiatives among respondents.

[No one cares about your data like you do. See 3 Enterprise Security Tenets To Take Personally.]

When it comes to choosing a VPN technology, there are four key factors your enterprise should consider.

1. Support for all connection mediums
VPNs should encrypt communications over any type of connection an employee uses to access the corporate network, whether a mobile hotspot, cellular connection, or public WiFi.

In addition, the VPN should provide seamless roaming. This ensures the user doesn't need to re-establish the connection or manually adjust settings when connecting to different mediums, such as moving from a WiFi connection in a café to a cellular service out on the street.

2. Compatibility with multiple operating systems
As the BYOD trend grows, along with the number of device and software options, network administrators will have less control over the operating systems employees use. The InformationWeek Mobile Security survey bears this out: 43% of respondents allow employees to bring in any device, as long as users agree to certain policies. Another 9% allow devices without any restrictions.

This means a VPN should be able to support a majority of the leading operating systems -- Windows, Android, Linux, Apple's offerings, and, ideally, a number of smaller platforms.

3. Policy flexibility
Network administrators may need to adjust backend settings to keep a VPN connection open for a different period of time depending on the user's device.

Say a mobile device goes idle more often than a laptop. Should it disconnect from the VPN tunnel each time to prevent possible third-party infiltration? Or should it remain on, so that it's easier for employees to access the VPN? Administrators need the flexibility to determine the option that best fits their requirements.

4. Interoperability with existing infrastructure
A VPN should be part of a reliable remote access infrastructure, so that the integration of new end devices into the established framework is as seamless as possible. It's important to gather information about how a VPN will operate within whatever infrastructure the company maintains.

If a product doesn't mesh with an existing network security framework, then it's not going to be of much value. As more advanced threats proliferate, interoperability between network and security components is vital.

It takes more than just a VPN to protect mobile devices and corporate data. But VPNs used in conjunction with mobile device management, access control, and application management, as well as an educated employee base, will go a long way to reducing the risks presented by mobile devices.

How cloud, virtualization, mobility, and other network-altering trends impact security -- and the IT pros responsible for infrastructure protection. Get the Network Security Career Guide issue of Network Security today.

Patrick Oliver Graf is General Manager, Americas, of NCP Engineering. His company sells its remote-access VPNs to government agencies and other organizations. A total of 24 federal, state, and local agencies have equipped themselves with NCP's technology for fast, secure ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Patrick Oliver Graf
50%
50%
Patrick Oliver Graf,
User Rank: Apprentice
11/14/2014 | 1:29:09 PM
Re: Mobile & VPN
Some great points here, which all reflect the growing pains associated with BYOD and remote access becoming the norm in the corporate world. There are certainly situations when using a VPN to access information doesn't make sense, and you're correct that VPNs can consume both battery life and data, although mobile VPNs are getting better at reducing both as much as possible. Split tunneling not being supported or enabled can be an issue with many mobile VPNs, but enterprises should seek out ones that include it as a feature and with easy configuration, to minimize performance issues like the one you mentioned. Employee education is also key, so users will understand how they can make the most out of utilizing a VPN while avoiding some of the potential drawbacks. BYOD is unavoidable, so businesses need to work with their employees to come up with sensible remote access policies and implement technologies that work for everyone using every type of device and OS.
Patrick Oliver Graf
50%
50%
Patrick Oliver Graf,
User Rank: Apprentice
11/14/2014 | 1:28:20 PM
Re: Personal VPNs?
There are a handful of key features to look for when choosing a VPN provider, Thomas. There are a number of providers offering a range of VPNs and an enterprise will want to find one that can integrate into its broader security framework. For a security conscious business, you might want to consider one that offers a mobile IPsec VPN, and you will also likely want to make sure full tunneling is set for all of the users. You'll want your provider to offer a VPN with the best encryption possible, such as one that utilizes newer encryption methods like elliptic curve cryptography if possible. Lastly, a solid VPN will be centrally managed, allowing administration to make configuration decisions to help reduce security threats and keep networks safe.
Patrick Oliver Graf
50%
50%
Patrick Oliver Graf,
User Rank: Apprentice
11/14/2014 | 1:27:33 PM
Re: Personal VPNs?
That's correct, Li – it's important to note that companies that only allow employees to use their devices as email clients are being shortsighted, especially because workers often need to access important documents and applications when working from home or in the field. With a centrally managed VPN, remote users have the option to access a corporate network securely, whether from a mobile device or tablet, which will continue to be useful as workers use a broader range of devices to work and BYOD becomes the norm.
securityczar
50%
50%
securityczar,
User Rank: Apprentice
11/6/2014 | 12:12:21 PM
Re: Personal VPNs?
I think the author is promoting the virtues of his organization's offer, NCP Engineering.
micjustin33
0%
100%
micjustin33,
User Rank: Strategist
11/5/2014 | 10:33:28 AM
Re: Personal VPNs?
Try IPVanish, You have to pay, but it's one of the best at affordable price.. This VPN works pretty well and it's easier than messing around with the phone's VPN settings. Its works well on PC and mobile devices you can get more reliable VPNs for iOS and Android from this list. http://www.bestvpnservice.com/mobile-vpn
@B52Junebug
50%
50%
@B52Junebug,
User Rank: Strategist
11/4/2014 | 12:51:20 PM
Mobile & VPN
VPN on mobile has been around since iOS and Android entered the scene. However, finding the right one has always been a challenge. Its not just the technology itself, but the UX that can kill even the best VPN solution.

Take for example: Employer requires VPN connection to access Intranet. You tap on it, it launches, but because it requires multifactor auth, you are now searching for your RSA token and that special password plus your AD user name and PW. = FAIL

Employer publishes an crutial application for business function uses VPN on demand. You launch it, because of the VPN full on connection, you hit your data cap on your wireless plan. Now your paying overages. = Fail

Same situation, you launch that critical app, it uses VPN, your device is rendered usless because the VPN doesnt know how to split tunnel traffic that doesnt belong. You find yourself trying to figure out how to kill VPN and thus creating frustration = Fail

VPN client is new and not really optimized for new mobile OS. It launches and battery dies within 2 hours. = Fail


VPN and VDI on mobile have always been a slippery slope of technology. Not only do we as employers and IT security want the best of both worlds we have to come to some realization that the device is still a phone. This can also be said about the executive who wants what they want without realizing the pitfalls of what comes from it. Then it becomes an IT problem because we didnt inform them enough about the reality of the service.

As we get further into the VPN vortex, it has come a long way in the last couple of years, ask yourself is there a better way to send communications?
LyudmilaK905
0%
100%
LyudmilaK905,
User Rank: Apprentice
11/3/2014 | 3:50:40 AM
Re: Personal VPNs?
I use Privatoria VPN for desktop and mobile. There are all instructions to setup VPN on adroid or iOS. Thus i can use the same VPN settings in all my devices and get access to all services what i need. Moreover, it's anonymous VPN provider.
Li Tan
50%
50%
Li Tan,
User Rank: Ninja
11/2/2014 | 9:44:45 PM
Re: Personal VPNs?
I think the intention of the author is listing the essentials for mobile VPN on an objective base. For mobile VPN, it needs to be flexible enough and may be less restrictive compared to the one used on desktop. Another solution adopted by some companies is not using mobile VPN but just provide instruction of configuring mobile device to receive company email to employees. In this case you can only use your mobile device as an email client for office purpose.
JOHNTIN
50%
50%
JOHNTIN,
User Rank: Apprentice
11/2/2014 | 3:13:05 AM
IT NICE
THANK YOU FOR YOUR NEWS .
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Author
10/31/2014 | 4:13:24 PM
Personal VPNs?
Who would you recommend as a VPN service provider for an individual concerned about security?
News
A Data-Centric Approach to the US Census
James M. Connolly, Executive Managing Editor, InformationWeekEditor in Chief,  10/12/2018
News
10 Top Strategic Predictions for 2019
Jessica Davis, Senior Editor, Enterprise Apps,  10/17/2018
Commentary
AI & Machine Learning: An Enterprise Guide
James M. Connolly, Executive Managing Editor, InformationWeekEditor in Chief,  9/27/2018
Register for InformationWeek Newsletters
Video
Current Issue
The Next Generation of IT Support
The workforce is changing as businesses become global and technology erodes geographical and physical barriers.IT organizations are critical to enabling this transition and can utilize next-generation tools and strategies to provide world-class support regardless of location, platform or device
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll