iPass Orchestration enforces security policy

Remote workers should have to adhere to security policies before being allowed access to corporate networks, says iPass

Remote access specialist iPass has launched a service to provide secure links between remote users and corporate networks and ensure only mobile devices that comply with company security policies can gain full access.

iPass Policy Orchestration has been developed to help companies fill any gaps in security by making sure anyone connecting to the network adheres to the company's security policy, said Ken Denman, chief executive of iPass.

"It is no longer enough simply to keep mobile workers connected; enterprises must also secure multiple points of vulnerability in the connection process from the user's device to the corporate network, and the data flow between them," he said.

iPass has grown from a small roaming ISP service into a respected corporate remote access provider. Its products enable large organisations to manage remote users as they connect to the corporate network over a variety of different links, including international ISPs, Wi-Fi hot spots and GPRS.

It is important that companies ensure remote users keep laptops and PDAs up to date with the latest patches and virus signatures so they cannot infect the network, said Dean Bubley, founder of analyst firm Disruptive Analysis.

"If you have a secure tunnel right into the enterprise, potentially you are providing any new viruses access to that same secure tunnel. The idea is that you treat your remote user as non-trusted until that user proves they have undergone the required security upgrades. Only then can they properly log on," he said.

Policy enforcement is required to protect everything from user identities to session data, but from a management point of view, the complexity should be hidden from both users and IT staff, said Chris Christiansen, vice president of IDC's Security Products programme.

"The iPass vision for Policy Orchestration treats all of these aspects as components of a coordinated system. This offers customers network coverage, security, and zero-tolerance management control in a single package," he said.