Pinpointing the Right Mobile VPN Solution
Pinpointing the right mobile VPN solution Now that we know about the mobile VPN, it's important for the IT department to know just what criteria to look for when selecting a mobile VPN solution. IT departments should look closely at the following four criteria:
1. The basics: Support for security fundamentalsAll software security solutions need to have strong authentication, encryption and data integrity. Strong authentication requires the identity of both the sender and the recipient to be verified before exchanging data-keeping both the data and network security safe. Once authentication takes place, the data must be encrypted, which requires scrambling of transmitted data with a secret key to unlock or decode the encryption for an added layer of data security. To ensure data integrity, a trustworthy security solution must validate that data has not been modified during transit, and it should automatically eliminate any changed data packages. 2. Choose a solution based on a standard security protocol While several VPN solutions meet the three fundamentals of trustworthy security, it's critical to select a VPN based on a standard security protocol. Because proprietary technology exposes the company to unknown risks and may increase the risk of a security breach, a VPN that has been tested and validated is preferred. 3. Put your mind at ease with a security solution that enforces compliance With a growing mobile work force, IT administrators must have the ability to establish, enforce and update mobile device settings to ensure regulatory compliance with regulations such as the Sarbanes-Oxley Act, Health Insurance Portability and Accountability Act (HIPAA) and the PCI Data Security Standard (PCI
DSS). A VPN solution should also
provide complete records of all network events to comply with audit requirements.
It is also important that the VPN supports Network Access Control (NAC),
ensuring that connecting devices are authorized to access the network and are
compliant with the company's security policy. Devices that don't comply can be
quarantined, thereby protecting networks from unauthorized access and virus
4. Consider total cost of ownership for top-down corporate and compliance
strategy rather than short-term tactical approach
In the rush to mobilize, many IT organizations have placed a plethora of
aging, single-purpose network and security tools into service-including Wi-Fi
Protected Access (WPA2), traditional IP Security VPNs and other underperforming
mobile VPNs. Today, the enterprise has begun questioning this "one-step-behind"
and reactive mind-set in favor of a balanced approach between the total cost of
TCO) and the overall business
requirements, thus demanding a shift from tactical and short-term decisions to
working with a top-down corporate strategy focusing on IT and compliance needs.
Again, one must consider a complete security platform rather than a single-point
solution when it comes to total cost and time savings, for the following five
reasons: less support costs (fewer help desk calls, less system
administration), less maintenance and upgrade costs, lower initial investment,
less training, and less complexity.
1. The basics: Support for security fundamentals