Problem solve Get help with specific problems with your technologies, process and projects.

PDA access to the intranet

We have a few users that are always out of the office, and sometimes they need to connect back to our office to access a Web application on the intranet.

We are thinking of letting these users access the application on a PDA going through a GPRS network back to our office. Here is the flow: PDA-> User key in the Web address of intranet application -> GPRS network -> our DMZ reverse proxy server -> intranet application.

What is the best way to implement the security aspects of this type of setup?

All wireless access introduces security risk. As a minimum, you would want to be sure that your GPRS-capable PDA and your proxy server support IPsec. You need to have a VPN connection to ensure that none of your sensitive intranet information is sent in plain text. There also needs to be some access control to the application. Perhaps that is already done by your reverse proxy server, but you didn't specify. The VPN connection can be used to protect the sequence used to authenticate the remote user to the application.

As with any remote access, consider the risk of a PDA (or laptop) falling into the wrong hands. Authentication information should not be stored on that PDA. If sensitive information is sent from the intranet to the PDA, consider some form of data encryption to protect the information while it is stored on the PDA. Again, the decryption key needed should not be stored on or with the PDA.

For more information on this topic, check out these SearchSecurity.com resources:

This was last published in August 2003

Dig Deeper on Mobile security threats and prevention

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.