August 23, 2012
Leave a comment
| Share this article
Secure and Hassle-free Hotspot Access
Wi-Fi hotspots, which are located everywhere and often free, offer many opportunities and benefits to both the end user and employer. The productivity benefits of fast connectivity are clear. Additionally, you can often make significant savings by using free Wi-Fi instead of cellular networks. This is true especially when traveling abroad, as international operator roaming costs can be very expensive. See our recent blog post for more on that topic.
While the benefits of Hotspots are obvious, there are still many obstacles to overcome. The two major problems that arise are security and ease of use. For both security and usability, the most problematic networks are those with a web landing page which requires the use of a browser to authenticate or accept terms. Assuming a decent Virtual Private Network (VPN) is in use, the security concerns mainly boil down to the following three issues:
- Connecting to unknown networks, outside the control of the enterprise -- networks that may be hostile.
- Exposing the browser to possibly rouge, hostile web sites, without protection from enterprise firewalls, and content filters.
- Bypassing the VPN to enable the use of the browser to authenticate.
Usability-wise, hotspot access with a VPN enabled enterprise laptop is quite a hassle. After connecting to the Wi-Fi, it usually involves several obstacles. These include:
- Noticing the need to use a browser to authenticate
- Bypassing VPN (often not allowed in high security enterprises)
- Bypassing enterprise web proxy (often not allowed by IT)
Considering those, it’s usually a hassle for the user, therefore they stay on cellular networks, resulting in both the user and the employer to miss out on the productivity benefits and cost savings.
Field service operations on the other hand, often use domestic Private APN cellular connections because of the perceived security benefits. These networks are expensive and often capped. Using Wi-Fi where possible will help to reduce the cost of workforce communications and improve the speed of connections.
With SafeMove, we’ve worked hard on making the best user experience for hassle-free hotspot access, while maintaining the highest security. The users love it, and it has passed third party security audits with flying colors.
The SafeMove Hotspot Login Assistant that we offer makes it possible to access the web landing page of a hotspot securely, under strictly controlled conditions. SafeMove includes a built-in, special purpose, secure browser that is only used specifically for the hotspot login. Hotspot login is only possible with that browser. All other TCP/IP traffic is blocked or encrypted.
Prominent features of the SafeMove Hotspot solution include:
- IPsec VPN always on, never bypassed. All traffic tunneled to the enterprise gateway.
- Secure, special purpose browser. Based on Webkit. No flash, no plugins.
- Hotspots are automatically detected, and the special browser is automatically launched.
- After logon, the mobile VPN automatically and seamlessly switches to using the higher speed hotspot network.
- No need to modify proxy settings.
Although hotspots may be free and easily accessible, their use may require unacceptable sacrifices in data security. The SafeMove Hotspot assistant is able to provide hassle-free access, and you know it’s secure from the start.