Q

PDA access to the intranet

We have a few users that are always out of the office, and sometimes they need to connect back to our office to access a Web application on the intranet.

We are thinking of letting these users access the application on a PDA going through a GPRS network back to our office. Here is the flow: PDA-> User key in the Web address of intranet application -> GPRS network -> our DMZ reverse proxy server -> intranet application.

What is the best way to implement the security aspects of this type of setup?


All wireless access introduces security risk. As a minimum, you would want to be sure that your GPRS-capable PDA and your proxy server support IPsec. You need to have a VPN connection to ensure that none of your sensitive intranet information is sent in plain text. There also needs to be some access control to the application. Perhaps that is already done by your reverse proxy server, but you didn't specify. The VPN connection can be used to protect the sequence used to authenticate the remote user to the application.

As with any remote access, consider the risk of a PDA (or laptop) falling into the wrong hands. Authentication information should not be stored on that PDA. If sensitive information is sent from the intranet to the PDA, consider some form of data encryption to protect the information while it is stored on the PDA. Again, the decryption key needed should not be stored on or with the PDA.


For more information on this topic, check out these SearchSecurity.com resources:
  • Best Web Links: Mobile/handheld security
  • Best Web Links: Wireless security
  • Scheier's Security Product Roundup: Wireless handhelds need defense-in-depth

  • This was first published in August 2003

    Dig deeper on Smartphone and PDA Viruses and Threats-Setup and Tools

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close