6

I'm interested in what (if any) the practical security implications of a company making use of a Private APN are as opposed to using a standard network provided APN and VPN connection back to the main corporate network.

On the face of there's some benefit in that VPN software might not be needed but I was thinking that there could be risks around how the end devices are authenticated and difficulties in restricting their access appropriately once connected.

Also are there any known attacks that take advantage of the use of network provided APNs, which could be mitigated by using a private one?

Rory McCune
  • 62,266
  • 14
  • 146
  • 222

1 Answers1

2

One of the disadvantages from a security point of view of a private APN, if I remember correctly, is that you are only securing the data traffic from the APN onwards, rather than from the device onwards. And unless you are using device policies it is trivially simple to change by the user and by an app.

As for attacks I know of none, my Google foo only brought up this article - How Mobile Carriers Expose Us to Wi-Fi Attacks - and others which discuss APN hijacking by malicious iOS apps.

Daniël W. Crompton
  • 176
  • 3