Mobile workers now account for over 25% of the worldwide worker population, about 750 million workers. This is using a broad definition of mobile worker; one who works away from their main office, whether it is on the road, in a home office, or in locations away from their company’s offices.
Using a definition that focuses upon workers that use secure remote access to the enterprise LAN, then the number of global users is about 25 million, with a market size of about $3B in revenue. The ‘other’ 725 million mobile workers use a variety of solutions depending upon their needs and their IT department’s policies: such as secure USB fobs, web browser based access, to simply allowing a laptop out of the office with company data (though increasingly we’re seeing IT departments impose restrictions on this option given some high profile data losses.)
I’ve reviewed some of these solutions in previous weblog articles: Secure Remote Access could be the Operators’ Tipping-Point to becoming a Utility or a Managed Solution Provider and Start-ups to watch: The Key Revolution’s Mobiu
What would appear at first blush to be just a matter of using IPsec (IP Security) or SSL (Secure Sockets Layer), has spawned a whole industry comprising the following groups:
- Dedicated SRA (Secure Remote Access) providers such as iPass and Fiberlink providing a package of dial-up, Ethernet, WiFi and HSDPA access options bundled with a security package for the global traveler;
- Mobile operators’ offers range from HSDPA and a simple connection manager, e.g. O2’s Mobile Connection Manager; to complete packages of managed security and remote access, e.g. Vodafone’s Secure Remote Access;
- Fixed and Mobile network operators offers similarly range from access centric to a complete managed solution across the corporate LAN as well as remote access, e.g. Orange Business Services (which is in part a resell of iPass) and BT MobileXpress;
- IT security vendors such as Symantec and Checkpoint with the unified threat management systems (both LAN, remote access and remote offices);
- Both local and global IT system integrators that package together solutions from the above providers; and
- The enterprise’s IT department; and
- A variety of secure USB solutions such as Mobiu, a secure USB and service that backs up data to a secure encrypted online MobiVault; enables collaboration and file sharing in MobiRooms; and uses a SIM (chip used in mobile phones) equipped USB drive for secure two factor authentication and to provide portable applications, e.g. secure anonymous web browsing.
Below I show two simplified landscapes for ‘Secure Remote Access’ and ‘Secure Anywhere Access (SAA) to your Data’. The SRA landscape is split across fixed, converged and mobile-centric; and access-only, security and access, and security-only solutions. The ‘Secure Anywhere Access (SAA) to your Data’ landscape splits across the three main offers of web browser-based, client-based and USB. The main difference between these two landscapes is SRA is about remote access to the corporate LAN and the resources/tools that reside there, while SAA is focused on secure anywhere access to just your data.
It’s surprising we’ve not seen a tighter bundling (convergence) of these offers. For example, a HSPA USB fob that includes the functions and services of Mobiu (e.g. two factor authentication, secure storage and collaboration) and an integrated SRA service (leveraging the two factor authentication). Rather than today’s situation which requires multiple USB fobs, multiple clients, multiple service subscriptions and lots of individual bills. It looks like here’s yet another opportunity for operators to integrate their offers, save customers money, and win market share and new revenues.
Interesting article especially on how features such as two factor authentication should be integrated with the USB modem. This is available today from AccessMyLan on o2 & Vodafone networks in the UK and Ireland. Rather than connecting to the Intenet, the USB modem connects to AccessMyLan (using mobile APN) where the user must provide their authentication credentials AND the callerID of the SIM is verified. With PIN protection enabled on the SIM, this gives two-factor ‘something you have & something you know’.
The AccessMyLan service provides client & clientless access from mobile phones and desktop/laptop devices to corporate networks and in many cases can be billed by the operator as part of a customer’s normal bill.
Thanks for letting me know.
Good article. I would like to publish it at my website http://remote-access-software.net/. May I take it?
Sure no problem.
Good technical info here, i’m in the process of reading up on secure remote access and trying to find a suitable solution for a client.
Thanks for your article.
Great article here, I found your explanation of Secure Remote Access extremely informative, thanks.
I couldn’t help noticing however that Cryptzone, providers of the AppGate Security Server, isn’t featured anywhere on your website. It really is a great SSL VPN solution and I thought it might be worth metioning.
The AppGate Security Server provides a solution for enabling and controlling Access rights for employees and 3rd parties, from any location and via any connection medium, whilst ensuring the end user’s experience is consistent regardless
of their device.
AppGate via one central console gives organizations the ability to consolidate all methods of access control into one simple to manage and control platform.
Listed are a few more key features;
• All users are treated the same, regardless of their location
• Mobile access (Apple, Windows, Android)
• Document access control
• Business continuity/disaster recovery
• Internal network segmentation
• One Time Password support
Check out this website for more information;