Jack Be Nimble, Jack Logs In Quick – No More Stumbling Over Passwords

I love reading the Sunday comics. They are filled with great humor, nuance, and insight. And conflicts punctuate the air with a flurry of letters and symbols like “#!ouch9&,” which happen to look a lot like the rules for creating strong passwords. But the password rules aren’t quite so funny.

If you are like me, the guideline for creating passwords with at least 8 characters — including letters, numbers and symbols — is barely tolerable for laptop logins. But it breaks down completely when you need to login using a mobile device, like a smartphone or tablet. Fortunately there are other approaches, such as certificate-based authentication, that can give you secure access behind the firewall without the need to type in clumsy passwords from a small keyboard.

On-demand VPN – Easy as 1-2-3

The functionality needs of smartphone users have given rise to the on-demand VPN.  For example, suppose you are using your tablet to read an email containing an embedded link to a report on your business’ SharePoint site.  If you click on the link, a streamlined workflow is initiated:

  • An on-demand VPN knows that you are trying to reach a site on your intranet, so it launches the VPN functionality for you.
  • Thanks to certificate-based authentication, your identity can be confirmed without the need to type in a password.
  • With a simple click of a URL link, you are securely connected to the report you needed without requiring a big production to login. You complete the task with minimal disruption and maximum productivity.
How does certificate-based authentication work for mobile devices?

Certificate-based authentication uses Public Key Infrastructure (PKI) and X.509 Certificates to mutually authenticate the server and the remote device. However, before you can use Certificate-based authentication, the devices need to generate public keys using the RSA algorithm, which are then signed by an Issuing Certificate Authority using the Simple Certificate Enrollment Protocol. Once the device is securely enrolled, VPN login is seamless.

As you can see, setting up certificate-based programs can be a bit complex.  But it does not have to be this way.  The installation can be prepackaged by a service provider.  This offers a structured, scripted deployment process for getting your on demand VPN, including certificate-based authentication, up and running quickly and with minimal effort.

As you formulate your business’ strategy and plans for getting the most out of your tablet and smartphone deployments, remember to keep the user experience in mind. A streamlined process for accessing corporate resources can be both secure for the business and simple for the end user, as shown in the infographic below:

ATT_Access My Lan
Where do on demand VPNs fit within your plans?  Have you made progress? Any results to share from a user experience perspective?
The Networking Exchange Blog Team About NEB Team