Employees Demand Mobile Functionality (and Will Do Risky Things To Get It)

Whether administrators like it or not, employees are likely already using their smartphones and tablets to do their work. They often use mobile devices to access corporate resources simply because it’s more convenient than logging onto an approved PC or laptop.

Further still, in order to access resources like files on mobile devices, employees might “mobilize” corporate content by copying files over to a cloud-based storage service like Dropbox. In this scenario, IT administrators have no idea that corporate data is residing on an unapproved service, so it has no oversight over that data or how it is used. An attacker that gets access to this employee’s Dropbox account will now have access to corporate files.

If organizations don’t provide ways to access corporate data securely, employees can often engage in risky behavior in order to make data available to them on their favorite devices.

Data Breach Risks from Compromised Mobile Devices

The portability and small size of mobile devices make them very convenient, but it also means that they are easily lost or stolen. They can also be hacked or otherwise compromised.

A VPN can ensure that secure connections to corporate resources are no longer possible once it becomes known that an end-point device is compromised. And because a VPN can allow greater monitoring of individual connections, helping detect suspicious behavior from devices, giving IT a chance to revoke privileges and stop a data breach from happening.

Increased Capabilities

Giving employees the capabilities to remotely access corporate information quickly allows them to be truly mobile employees. With secure remote access, they can more quickly respond to business needs even while not in the office. A corporation can offer mobile applications that allow employees to be more productive wherever they happen to be.

Also, by not tethering employees to their workstation, this added flexibility can counteract burnout, and lead to a better work-life balance.

Meeting Compliance Obligations and Avoiding Fines

Especially in highly regulated industries, there are certain cases where secure end-to-end remote connections can be a legal requirement.

In the healthcare industry, for instance, IPsec and SSL VPNs can be used for securing remote users accessing records in compliance with the HIPAA rules that govern U.S. patient health records.

In addition to losing customer confidence, corporations can face risk penalties and fines if sensitive data is lost or stolen.


Employees are increasingly doing work using mobile devices, which is a desirable trend for organizations that want to be more flexible and agile, but they should also be prepared to deal with the new security risks. To provide secure connections, VPN tunneling should be considered when implementing remote access for mobile devices.