Securing The iPad

Even though the iPad is designed primarily as a consumer device, business people are increasingly adopting it because of its ease of use, convenience, and cool factor.  According to Apple, more than 80% of the Fortune 100 have already deployed the iPad in the enterprise, or are at least piloting it.

iPads are attractive targets to thieves, and the wireless connections could allow customer data to travel over public airwaves.  How can companies protect their sensitive customer data ?  Here are some recommendations from Mary Korolov from Internet Revolution, read the entire article:

Control access
The first step is locking down the iPad so that strangers can’t turn it on and get into your corporate networks.

Encrypt, encrypt, encrypt
All sensitive communications must be encrypted. But some applications, especially those written in-house and designed to run on older mobile devices, might be sending plain, unencrypted data over WiFi and 3G networks.  The standard SSL (Secure Sockets Layer) encryption built into the iPad’s browser is good enough security for just about anybody, and it is not difficult to set up.

Don’t save data
The iPad doesn’t have a built-in hard drive, but it does have plenty of memory.  To be on the safe side, get those documents off the device and onto your company’s servers.  Make use of VPN!

Pay attention to provisioning
Historically, Apple’s biggest disadvantage with enterprise deployments was a lack of adequate management and provisioning tools. But last summer, the release of iOS 4 plugged many of these gaps. Now companies can centrally manage all employee iPads and iPhones and set security policies for the devices. Companies can even have their own corporate app stores.

Also, be security savvy.  Don’t just download and install random applications.  Make sure that you trust the application and its author before putting onto a device that interacts with sensitive data.  It would be a shame if you put in place rigorous controls and was as careful as you can be only to have “Upset Pidgeons” or some other game sucking your data out to the Internet without your knowledge or consent. 

Be aware of who is sitting beside or behind you on your commute.  That big easy to read screen is easy for anyone to read.  I’m always surprised by what you can learn about organizations while in transit.  I have watched (and learned a thing or two about) budgets being prepared, pending legal actions and even mergers and acquisitions simply by riding the train.  I don’t make a habit of shoulder surfing, but if a guy or gal beside you has a 15″ screen with plenty of colors and numbers on it, and its half in your lap, half in theirs, chances are I’m gonna take a peak or two…

Be discrete.  I’ve seen so many people pull out their personal communications and data devices in questionable surroundings, with little regard to who may be covetting that device.  Not all people are nice, well off, or your trusted friend.  PDA’s are cheap now, but then so is crack.  I’m just sayin’…

Advertisements