A mobile VPN can also help improve enterprise mobility, but deploying this technology requires careful planning.
An enterprise mobile VPN establishes secure connections between users' mobile devices and the resources residing on an organization's private network. There are many VPNs that an organization can choose from. IT decision-makers must find one that keeps corporate resources secure while also providing easy access to remote workers.
Remote access VPNs use tunneling protocols to encrypt data. Then, the data can be safely transmitted and received across less secure networks, such as the internet. The VPN's authentication mechanism controls which users gain remote access to the organization's secure resources. However, most enterprise VPNs go well beyond the basics. For example, some enterprise mobile VPNs can protect against malware. Some vendors also provide functionality for managing mobile devices.
To implement a secure, effective mobile VPN, IT teams must consider several factors and map out how the tool will fit into their broader approach to enterprise mobility.
On-premises vs. cloud-hosted enterprise VPNs
When building a mobile VPN strategy, one of the first decisions IT must make is whether to host the VPN locally or to use a cloud-based provider. Both approaches offer advantages and disadvantages.
On-premises VPNs
If an organization hosts its own VPN, it has full control over the VPN configuration and all the underlying hardware and software. This might make it easier to comply with regulatory standards.
The disadvantage is that the organization must bear the full hardware and software cost, as well as the administrative overhead involved in maintaining the VPN and keeping it secure. This approach also requires the organization to have enough internet bandwidth available to support inbound VPN traffic.
A mobile VPN has much of the same functionality as a traditional VPN, but it's designed to work in a mobile environment.
Cloud-based VPNs
Using a cloud-based VPN is a simpler option, but the organization must choose a reputable VPN provider. Some free or low-cost VPN providers have been known to sell their customers' data. With this in mind, organizations and IT departments should carefully consider the provider's reputation, financial stability, support model and customer base when selecting a mobile VPN option.
Cost can be another area of concern, since a provider might raise its rates without warning. Some cloud-based VPN providers also perform traffic metering. This means that they charge customers based on the amount of traffic passing through the VPN, or they use throttling to lower user connectivity speeds after a certain data threshold.
Before choosing a cloud-based VPN, organizations must also determine how much control they need over the VPN's configuration. This is especially true for organizations that are subject to regulatory requirements. For example, some organizations need to enforce multifactor authentication for remote workers, which not all VPN providers support.
Integrating a mobile VPN into an enterprise mobility strategy
Regardless of which option an organization chooses, IT must address how the VPN fits into its mobile endpoint strategy. At the most basic level, this means making sure that a VPN client is available for all the mobile device OSes that the organization supports. Otherwise, some devices might not be able to connect to the VPN.
Organizations often design their VPN infrastructure so that devices must pass a health check before gaining network access. The nature of this health check varies from one organization to the next. Typically, it checks that the device meets security standards such as having an up-to-date OS and being free of malware. Most organizations also check basic device-level security settings, like whether the device is secured with a password.
IT teams must ensure that these health checks support both mobile and more conventional computing devices. After all, the health checks an iOS device would need to undergo are completely different from those that would be appropriate for a Windows laptop.
Another thing that IT should consider is how the use of mobile device VPNs might affect its MDM strategy. Typically, when a user begins using a personal smartphone for work, they must complete a device enrollment process. This might occur through a web portal, email link or QR code. In exchange for access to corporate resources, the user must allow the MDM to apply various security settings to the device.
When a mobile user connects to the corporate network through a VPN, they might end up accessing various resources directly rather than through the web portal. This might enable a user to skip the device enrollment process, leaving the device with unsecure settings.
However, properly configured MDM technology can prevent unauthorized access by requiring device enrollment and checking compliance before allowing VPN connections. To this end, it's important to think about mobile device access in a cohesive way. IT teams must ensure that their MDM policies apply regardless of whether users are connecting through a web portal, VPN or some other means.
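The health check and enrollment gate described above, as an added example that is not part of the original article. The platform baselines, signal names and sample devices are constructed for illustration; the point is that one `authorize` decision, with per-platform checks and fail-closed defaults, serves every access path.

```python
from dataclasses import dataclass, field

# Constructed baselines (assumptions, not from the article): minimum OS version
# plus the posture signals that are meaningful on each supported platform.
BASELINES = {
    "ios":     {"min_os": (17, 0), "signals": ("passcode_set", "not_jailbroken")},
    "android": {"min_os": (14, 0), "signals": ("passcode_set", "not_rooted")},
    "windows": {"min_os": (10, 0), "signals": ("disk_encrypted", "antimalware_healthy")},
}

@dataclass
class Device:
    platform: str
    os_version: tuple
    mdm_enrolled: bool
    signals: dict = field(default_factory=dict)  # posture as reported by the MDM agent

def health_check(device: Device) -> list:
    """Return the names of failed checks; an empty list means the device is healthy."""
    baseline = BASELINES.get(device.platform)
    if baseline is None:
        return ["unsupported_platform"]  # fail closed on OSes with no defined baseline
    failures = []
    if not device.mdm_enrolled:
        failures.append("not_enrolled_in_mdm")
    if device.os_version < baseline["min_os"]:
        failures.append("os_out_of_date")
    # A signal missing from the report counts as a failure, not a pass.
    failures += [s for s in baseline["signals"] if device.signals.get(s) is not True]
    return failures

def authorize(device: Device, channel: str) -> tuple:
    """Gate used by every entry point. `channel` ('vpn', 'portal', ...) is accepted
    for logging only; it never changes the decision, so VPN cannot bypass enrollment."""
    failures = health_check(device)
    return (not failures, failures)

# Constructed sample devices.
SAMPLES = {
    "enrolled_iphone": Device("ios", (17, 4), True, {"passcode_set": True, "not_jailbroken": True}),
    "byod_android": Device("android", (14, 0), False, {"passcode_set": True, "not_rooted": True}),
    "old_laptop": Device("windows", (6, 1), True, {"disk_encrypted": True}),
}

if __name__ == "__main__":
    for name, dev in SAMPLES.items():
        for channel in ("portal", "vpn"):
            print(name, channel, authorize(dev, channel))
```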
Editor's note: This article was originally written by Robert Sheldon in November 2019. Brien Posey wrote an updated version in May 2025 to include more details on VPN implementation and improve the reader experience.
Brien Posey is a former 22-time Microsoft MVP and a commercial astronaut candidate. In his more than 30 years in IT, he has served as a lead network engineer for the U.S. Department of Defense and a network administrator for some of the largest insurance companies in America.
Robert Sheldon is a freelance technology writer. He has written numerous books, articles and training materials on a wide range of topics, including big data, generative AI, 5D memory crystals, the dark web and the 11th dimension.