Companies have until 30 June 2021 to comply with the Protection of Personal Information Act (POPIA) or risk significant financial fines or even jail time for their executives.
By Justin Hövener, senior product manager: carrier and communications at Vox
Much focus will therefore be on data compliance during the first half of 2021, a task made more challenging given the increase in remote working. But this is where private Access Point Name (APN) solutions become an effective tool to mitigate the potential risk of data exposure resulting from a distributed work environment.
Already, there are more telecommunication operators entering the fray with an array of private APN solutions. Combine the looming ‘threat’ of POPI with a challenging economic environment, you have a situation where organisations are looking to reduce costs.
Despite the affordability of LTE data or consumer data contracts, companies cannot afford to compromise on data protection and should give serious consideration to the advantages private APNs have to offer. This requires decision-makers to focus on technology that is secure by design to safeguard company resources regardless of where people are accessing mission-critical data or whether they are reliant on mobile connections to do so.
The financial services industry has led the charge for private APNs to deliver secure, mobile access to a decentralised workforce. But the benefits extend to even SMEs who need better management of their mobile data. These private APNs give the peace of mind that the network will remain as secure as possible.
Beyond MPLS
A private APN delivers a comprehensive range of services that extend beyond the Rands and Cents argument typically associated with mobile data. Instead, the focus turns to the importance of data compliance, its integrity, and the security of accessing the corporate network using a mobile device whether that of the business or an employee’s personal one.
By specifying the data path between the SIM card and the destination network, and ensuring the resources accessible by the SIM’s user are strictly defined, a whole remote workforce can be tunnelled to a single server or single IP address over the mobile network (if that is what a company wished to accomplish) illustrating the control a private APN can offer.
Without traversing the unsecured public Internet, a private APN enables staff to access the intranet from anywhere via a mobile connection. Additionally, employees can break out from the intranet via the company’s firewall to ensure the team is always connected. Essentially, the private APN contributes to a more secure connection, the monitoring of connections, and control of those who have access to the connection.
Mobile workforce
With the unexpected surge in remote working that started in March 2020, Vox saw customer data consumption increasing by up to 10 times. This contributed to an environment where people needed to access company resources while still ensuring compliance with governance protocols and the privacy of data is maintained.
And despite the increasing availability of fibre, there are still areas in the country where it is not economically feasible to roll out this connectivity yet. This is where reliance on mobile is all-important. But accessing sensitive information ‘over the air’ is something that should fill most organisations with dread given the rise in cyberattacks targeting remote workers. Private APNs address this regardless of the mobile network used.
Customised control
Beyond the security aspect of private APNs, companies can use Vox’s Insight Portal to create usage policies and set data limits at an individual employee level. Add on a managed firewall with clear cut rules to limit unwarranted traffic types or websites which aren’t quite for work, you empower organisations to have access to managed policies that deliver better control of how employees use company mobile data and ensure it is only used for work-specific functions as opposed to streaming YouTube videos or chatting on social media for instance.
In theory, the private APN acts as an extension of the LAN, giving corporations the peace of mind that they can manage data as if the user were sitting at the office. And because the private APN is dependent on a SIM card that can only connect to the corporate network, there is no way to abuse the system. This makes it an ideal solution to help prepare organisations for POPI.