November 4, 2011
Leave a comment
| Share this article
A Legacy Of Security
The legacy of our SafeMove product lies in very high security environments. We use these environments as our starting point, which ensures that we build a product with good security features. However, we understand that security cannot come at the expense of usability and make sure that we never fall pray to the hazards of making a highly secure product.
Although much has been written on the balance between security and usability, security and usability are not necessarily conflicting goals. Often the goal of security is perceived as preventing access, while usability is perceived as striving to give easy access. However, real security is often more focused on granting your users access to important data, and less on withholding it from others.
Still, if you are not careful, by making security your main focus through satisfying very strict security requirements, you may easily end up with a product held back by poor usability. Often products become too locked down and too difficult to use.
Let’s take the following security requirements for example:
No unencrypted, unauthenticated traffic on the network.
No way for the user to switch off or bypass the VPN or firewall.
Smart card/ one time password to be entered for every VPN session established.
These requirements can be satisfied by an IPsec VPN with strong security focus. However, blindly following such requirements may lead to a product that nobody wants to use. Satisfying the example requirements would rule out ever connecting to a Wi-Fi hotspot that requires a web landing page to log on. That takes away most public hotspots available and users will not accept that.
Also, moving between the desk and a meeting room entails switching networks, and to do that, you would need to reestablish VPN (enter your one time password), restart your applications, etc. Users will not accept that either.
With SafeMove, we provide the same level of security required in the above example, but we have addressed the usability concerns by making connectivity as simple as possible, and taking the onus out of the users’ hands. Network selection and connection establishment is automatic. Handovers between different networks are seamless. VPN connections are automatically reestablished. Hotspot login can be performed in a controlled and secured way.
Leveraging the power of the Mobile IP protocol, we’ve been able to demonstrate that by thoroughly addressing connectivity issues, the usability of a strict VPN can exceed the usability of a traditional VPN with less strict requirements. You get high quality security, built on our legacy of building for high security environments, with the usability required for today’s mobile worker.