Ovum predicts the number of HSDPA connections will reach 16.5 million by the end of 2008 in Western Europe, thanks in part to the simplicity of plugging in a USB HSDPA modem and it just working rather than the complex configurations and reboots of a data card; as well as the simplicity and attractiveness of the pricing plans at just 15 GBP per month. Mobile operators are now working on providing value added services on top of this mobile broadband access. One such service is secure remote access (SRA), i.e. enabling secure access to the corporate LAN and protecting remote corporate devices (laptops and smart-phones). SRA can add $15-$30 per device per month in ARPU (Average Revenue Per User).
What would appear at first blush to be just a matter of using IPsec (IP Security) or SSL (Secure Sockets Layer), has spawned a whole industry comprising the following groups:
- Dedicated SRA providers such as iPass and Fiberlink providing a package of dial-up, Ethernet, WiFi and HSDPA access options bundled with a security package for the global traveler;
- Mobile operators’ offers range from HSDPA and a simple connection manager, e.g. O2’s Mobile Connection Manager; to complete packages of managed security and remote access, e.g. Vodafone’s Secure Remote Access;
- Fixed and Mobile network operators offers similarly range from access centric to a complete managed solution across the corporate LAN as well as remote access, e.g. Orange Business Services (which is in part a resell of iPass) and BT MobileXpress;
- IT security vendors such as Symantec and Checkpoint with the unified threat management systems (both LAN, remote access and remote offices);
- Both local and global IT system integrators that package together solutions from the above providers; and
- The enterprise’s IT department.
To expand a little more on what SRA covers: for global access it’s about providing connectivity to the corporate LAN and internet through WiFi, hotel Ethernet, dial-up and mobile broadband. On security it covers: anti-virus, firewall, anti-spyware; encryption of traffic between the PC and corporate LAN; multi-factor authentication; data protection including encryption, device control, information policy, back-up and restore; one stop connection client; policy management and control of end user behavior to meet IT policies; management reporting; central portal providing IT with improved visibility and control; all backed up with Professional Services and Help Desk.
So which supplier will dominate? Based on a recent enterprise survey I ran in the UK, Germany and the US it very much depends upon what the enterprise is buying. If it’s a security solution, then it will be from an IT security vendor or a managed solution from an operator or IT system integrator. If it’s remote access, then the operator (fixed and/or mobile) is the likely choice. For secure remote access, the choice is a little more complex, and will depend more upon the type of enterprise and its situation. For example, a large financial services enterprise, with a large IT department will have a tendency to build a solution from an IT security vendor. Though with that said we are seeing departments within large enterprise select an operator’s SRA for their team. For a SME, which has a LAN security solution, but not the remote access component, a solution from an operator will likely be their choice.
This situation puts the operator in an interesting position, it can choose to be:
- Just an access provider, which sets it on the path of being a utility;
- Find a mix of security and access that meets a segment of the enterprise, which is difficult as enterprise IT providers already bundle remote access security solutions into their unified security solutions; or
- Deliver a complete managed access and security solution, which given Verizon Business bought CyberTrust and Vodafone bought Aspective shows this is a growing focus for those operators strong in the enterprise segment.
Perhaps secure remote access will be the tipping point upon which an operator breaks-through and delivers managed services to its enterprise customers, or secede the space and focuses upon access and being a utility.