Slashdot Mirror


Securing Android For the Enterprise

Orome1 writes "While many companies use IPsec for secure remote access to their networks, no integrated IPsec VPN client is available on Android. Apple has already fixed this shortcoming in iOS, in part, because it wanted make the iPhone attractive for businesses. The Android operating system doesn't just lack an integrated IPsec VPN client, it also makes installing and configuring third-party VPN software quite complicated. IPsec VPN clients have to be integrated into the kernel of each device, and the client software has to be installed specifically for a memory area. This means that the firmware of each Android smartphone or tablet has to be modified accordingly. Until a 'real' IPsec VPN client is available, Android users can use their devices' integrated VPN clients based on PPTP or L2TP, which is deployed over IPsec. A 'real' IPsec VPN connection, however, is more secure because it encrypts data prior to authentication."

1 of 136 comments (clear)

  1. Stupid article is stupid by GNUALMAFUERTE · · Score: 1, Troll

    SSH is all you'll ever fucking need. You can do anything you need over SSH, including a true VPN or just VPN-like functionality. And it's as secure as it gets.

    I manage all of my servers from my android devices, and have done so for a long time. What the hell is this guy complaining about?

    Regarding the guy talking about the remote wipe ... well, that's a stupid concept. A lost/stolen phone usually doesn't have network access, and even if you do it as a deads man switch, it's not really secure. Just encrypt whatever important data you have on your device, or even better, just keep it in the cloud and access it from anywhere. All you have to do is wipe your cache regularly.

    --
    WTF am I doing replying to an AC at 5 A.M on a Friday night?