Just like being there
So how does a mobile user communicate with the office securely? Email is the most common method, but sometimes users need direct access to office services. A database query to check product stock levels, for example, cannot be easily or quickly performed via email. In this instance, you could email somebody at work and ask them to make the query, but a better way is to hook into the corporate network and access it yourself.
The most secure method of connecting to office networks from the road is the virtual private network (VPN). A virtual private network is a secure ‘tunnel’ for data from the mobile user to the business’s head office. For the mobile user, it’s as if their notebook or handheld were connected to the local area network, capable of accessing all the servers and data they can when they’re at the office. Data transfers to and from the user are encrypted and therefore secure.
To get a VPN up and running, software agents usually need to be installed on the mobile devices used to access the VPN -- although we’re seeing increased use of the common browser as the software agent in SSL VPNs (more on that in a moment). These software agents talk to a hardware VPN router at the head office, which manages the VPN tunnels.
VPN technology has been standardised, which means that software agents from one vendor should talk to a hardware VPN router from a different vendor as long as they’re using the same encryption protocols.
The best, most secure protocol right now is IPSec, which uses practically uncrackable encryption on data transferred to and from the mobile device. Some newer systems are using secure sockets layer (SSL) encryption – the same encryption used in online shopping – allowing users to get VPN access through a common Web browser, sparing the need for a software client.
It sounds complicated, but VPNs are rather easier and cheaper to set up than you’d expect. You can get a low-end VPN-capable Internet router/modem for less than $1000, and once you get it up and running, you’ll wonder how you managed without one.
Business Startup Guide continues: IT Security
Why go mobile?
By Ed Dawson on May 1, 2007 2:07PM