Tablets and Smartphones have become essential tools for the workplace. The security and IT departments of corporate organizations are aware of the security threats these could cause and try to maintain a balance between the right levels of access allowed versus the necessary protection of sensitive data. Specifically this gets very challenging when the devices are not owned by the company.
Organizations invest in both a security policy and the essential security tools required as per their requirements. One of these tools is the VPN. A VPN encrypts the data flowing between the mobile phones or tablets and the corporate gateway.
This encryption helps protect the confidential information and anyone spying through the wired or wireless network would just get jumbled data and nothing of consequence. This also prevents third parties and employees from gaining access to the restricted sections of the company’s network.
Following key features should be considered while choosing the correct VPN technology:
1. Support across all mediums of connection:
A VPN should be able to encrypt information exchanged over all connection types which can be used by an employee for accessing the company network. This would include a cellular connection, local network, hotspot and the public WiFi.
Additionally, seamless roaming should be provided by the VPN. This would ensure that a user would not require reconnecting or adjustment in the settings for connecting to various mediums. For example, if a user wants to switch from a cellular network while on the road to a hotspot inside a café, it should be without any disruption.
2. Compatible with all operating Systems:
Nowadays, more and more people bring their own devices to workplace, thus the usage of operating systems by the employees cannot be restricted. A survey by Information Week reveals that 43% organizations allow their employees to use their own devices provided the users adhere to some policies. Whereas 9% of organizations allow unrestricted usage of devices.
This trend requires that the VPN should support all popular operating systems e.g. Android, Apple, Windows, Linux, Opera and some lesser known platforms too.
3. Flexibility in policy:
Network administrators might need an adjustment in the backend settings for keeping the VPN connection active for different amounts of time as per usage by an employee’s device.
For instance, mobiles go idle a lot more than a PC or a laptop. The administrators have to determine the right amount of time for each device or user to stay connected or get disconnected from the VPN, when idle. If after staying idle, it gets disconnected from the VPN, there could be a danger of snooping by a third party. Thus the policy should be flexible enough to work out the best security option.
4. Integration with existing framework:
The VPN connection should be reliable such that if new devices are integrated into the existing framework, they work seamlessly. It should be checked beforehand, how the VPN would work within the current infrastructure of the company.
If it is not compatible with the existing security framework of the company’s network, then it will not be effective is combating advanced threats to security.
Protection of corporate data and mobile devices requires more than only a VPN. But it is one of the important and effective tools used along with the other security essentials for protection of corporate data.