Mobile Access Management (MAM)

Is your company mobile internet regulated?

With mobile devices becoming increasingly capable of carrying out many of the day-to-day functions that used to require you to be sat at desk with a PC or laptop, so comes the increased headache for the IT department.

Firstly, just what functions should be allowed on smartphones and/or tablets?  Email, contacts and calendar are all common place but what about CRM and access to your company intranet systems?  Secondly, by allowing such access, how do you secure both the data and the device?

Many companies will simply provide a VPN from the device back into their systems. Whilst this ensures the user is checked it does create a number of issues and misses a number of security concerns.

To begin with, as anyone who has used a VPN over a cellular data network will testify, the VPN itself creates an overhead which slows the connection down. When you couple this with a dropped mobile internet connection which requires the VPN to reconnect (manually or automatically) the user experience quickly becomes very painful and most will give up or pull out the laptop.

The other problem area is when a device is connected to your corporate WAN you have most likely set up security policies, such as restricting certain firewall ports or filtering for the kinds of web content they can view.  Whilst this also applies when connected to a VPN there is typically no consideration given to the mobile device when the VPN is not connected.  In short, companies are providing their users with a mobile connection that sits outside the usual IT infrastructure and hence outside the company internet usage policies and security measures.

Historically there have been few options to address this because the simple fact of the problem is that today's mobile internet offerings have been built for the consumer and not for businesses.

So how can this be addressed? The first option is that you can speak to your mobile network provider and purchase your own Access Point Name (APN), this can cost tens of thousands of pounds to set up and also on-going every year thereafter. In today's economic climate for many companies this isn't a very attractive option.

The alternative is Timico's Mobile Access Management (MAM) solution. This in effect allows you to utilise capacity on Timico's APN for a nominal per user per month fee. This is much more affordable and provides the same secure solution.

So why use an APN, how does it work and why will it be a benefit?

To begin with the typical route for mobile traffic is from the device back through the network’s public APN and ultimately back into your network via the carriers own Internet connectivity. Timico provides a direct connection from our APN into our MPLS infrastructure then directly to your network. This allows you to encompass your mobile devices into your existing WAN without touching the Internet. With control set at the SIM card level you now have a regulated connection for that mobile device that can only connect to the internet via your existing firewall.

Now that we have secured the connection, there is no requirement for a VPN. This in turn frees up further bandwidth and improves the user experience. For example on my iPad I can simply connect to the company intranet system by opening the browser, I have no need for a VPN and therefore get a much better experience.