This story appeared on Network World at
IPad Enterprise Invasion and Security Risks
By Tom Kaneshige, CIO
October 29, 2010 01:13 PM ET
IT organizations have come to a stunning realization: There is no stopping the
great iPad enterprise invasion. Risks abound as companies must deal with
securing iPad apps without much help from Apple, says Julie Palen, senior VP
of mobile device management at Tangoe, a telecom expense management
software and services provider.
Palen's group develops software that helps companies such as Wells Fargo and
Coca-Cola manage BlackBerries, iPhones, Android devices and iPads-any
devices connecting to a company's back-end computing environment via
Active Sync, BES and Good Mobile Messaging.
The iPad, in particular, has had a rapid rise in enterprise adoption. More than
65 percent of Fortune 500 companies are deploying or piloting the iPad, Apple
said during its most recent earnings call. Around 60 percent of Tangoe's new
business deals in the last quarter involve companies that have already
deployed iPads or are planning to do so.
But the iPad isn't really enterprise ready, in terms of manageability and
security, says Palen, a 10-year veteran of mobile device management. She
says IT organizations are buckling under pressure to support the iPad, even
though the iPad wouldn't have passed last year's enterprise security
CIO.com talked with Palen about the iPad's unique path to the enterprise and
the resulting security questions.
Julie Palen, senior VP at Tangoe
What are some cool iPad projects?
Palen: We're seeing a lot of companies in retail, medical and automotive
putting business apps on iPads. iPads are a slick, cool way of interacting with
the customer, and companies can leverage the iPad's cool factor in the buying
experience One cosmetic company is using iPads as point-of-sale devices in
their retail stores in malls. The iPad shows complementary products that go
well with a customer's selection.
Similarly, on the automotive side, one of our customers is putting iPads into
the hands of their sales reps out on the lots. The iPads show features that
can be added to a specific car. A sales rep can do searches for the customer
right on the spot. For instance, one of their other dealerships might have the
specific car that the customer is looking for. If the customer has an iPad or
iPhone, they can receive a notification when their car is ready, pay the bill
online, and drive off with the car without having to deal with all of the
Aren't iPads difficult to manage and secure?
Palen: We automate the provisioning process of how the iPad connects to
your back end data. We provide insight into that device: the OS, available
memory, what apps are on it. The fact that I can push out apps to the iPad
but can't remove them is problematic for the enterprise. You have to either
lock down iPads by restricting apps on the device to only those that you push-
nothing from the App Store-or wipe devices.
On the other hand, unlike Android, iOS apps have to go through Apple's
certification process. So there is a level of security that apps aren't going to
create a whole bunch of issues on the devices or in the environment. That's a
big, big issue we see on the Android side.
Sounds dangerous. What is the worst case scenario?
Palen: The worst case scenario involves apps that are truly a Trojan Horse
that slips through the cracks and becomes available on an iPhone or iPad that
is connecting to back-end data, and then wreaks havoc on an enterprise by
capturing keystrokes or credit card information.
But nobody is looking at this blindly. People are taking precautions to protect
their data. And I believe Apple will provide more enterprise management
capabilities in future releases.
Why isn't this stifling iPad enterprise adoption?
Palen: With the iPad, IT organizations are folding under pressure. They had
taken such a hard stance with security, and now they're allowing iPads that
really wouldn't have met their requirements 12 months ago. There's so much
demand. They also see so many efficiencies that can be brought to bear [by
the iPad] that they're willing to deal with the risks.
What are the workarounds?
Palen: You're probably not going to wipe an executive's iPad. But one of the
things that we do is integrate with Active Directory so that we know exactly
who someone is in the organization. You can actually set up rules so that you
could manage executives one way and other people a different way. You can
also differentiate between a corporate device and an individually owned
We could do some things around VPN connections and not having apps
residing on the device. Or we can have an icon that doesn't have data
residing on the device. We can control the iPad from a data perspective rather
than the app itself. There are workarounds.
Apple has tiptoed around the enterprise for years. What's it going to take to
force Apple's hand?
Palen: When Apple starts to see large volumes of iPads selling into the
enterprise, and these iPads are locked down and users won't be able to buy
additional apps, that's when Apple will start making it available for me to
manage these apps.
Tom Kaneshige covers Apple and Networking for CIO.com. Follow Tom on
Twitter @[log in to unmask] Follow everything from CIO.com on Twitter @[log in to unmask]
Email Tom at [log in to unmask]
Read more about consumer in CIO's Consumer Drilldown.
All contents copyright 1995-2010 Network World, Inc.