LISTSERV mailing list manager LISTSERV 16.0

Help for IT-SECURITY-ALERT Archives


IT-SECURITY-ALERT Archives

IT-SECURITY-ALERT Archives


IT-SECURITY-ALERT@LISTSERV.UNL.EDU


View:

Message:

[

First

|

Previous

|

Next

|

Last

]

By Topic:

[

First

|

Previous

|

Next

|

Last

]

By Author:

[

First

|

Previous

|

Next

|

Last

]

Font:

Proportional Font

LISTSERV Archives

LISTSERV Archives

IT-SECURITY-ALERT Home

IT-SECURITY-ALERT Home

IT-SECURITY-ALERT  November 2010

IT-SECURITY-ALERT November 2010

Subject:

Network World: IPad Enterprise Invasion and Security Risks

From:

Luke Chretien <[log in to unmask]>

Reply-To:

Luke Chretien <[log in to unmask]>

Date:

Mon, 1 Nov 2010 10:29:22 -0500

Content-Type:

text/plain

Parts/Attachments:

Parts/Attachments

text/plain (118 lines)

This story appeared on Network World at
http://www.networkworld.com/news/2010/102910-ipad-enterprise-invasion-
and-security.html


IPad Enterprise Invasion and Security Risks 
By Tom Kaneshige, CIO 
October 29, 2010 01:13 PM ET 

IT organizations have come to a stunning realization: There is no stopping the 
great iPad enterprise invasion. Risks abound as companies must deal with 
securing iPad apps without much help from Apple, says Julie Palen, senior VP 
of mobile device management at Tangoe, a telecom expense management 
software and services provider. 

Palen's group develops software that helps companies such as Wells Fargo and 
Coca-Cola manage BlackBerries, iPhones, Android devices and iPads-any 
devices connecting to a company's back-end computing environment via 
Active Sync, BES and Good Mobile Messaging. 

The iPad, in particular, has had a rapid rise in enterprise adoption. More than 
65 percent of Fortune 500 companies are deploying or piloting the iPad, Apple 
said during its most recent earnings call. Around 60 percent of Tangoe's new 
business deals in the last quarter involve companies that have already 
deployed iPads or are planning to do so. 

But the iPad isn't really enterprise ready, in terms of manageability and 
security, says Palen, a 10-year veteran of mobile device management. She 
says IT organizations are buckling under pressure to support the iPad, even 
though the iPad wouldn't have passed last year's enterprise security 
requirements. 

CIO.com talked with Palen about the iPad's unique path to the enterprise and 
the resulting security questions.

Julie Palen, senior VP at Tangoe

What are some cool iPad projects?

Palen: We're seeing a lot of companies in retail, medical and automotive 
putting business apps on iPads. iPads are a slick, cool way of interacting with 
the customer, and companies can leverage the iPad's cool factor in the buying 
experience One cosmetic company is using iPads as point-of-sale devices in 
their retail stores in malls. The iPad shows complementary products that go 
well with a customer's selection. 

Similarly, on the automotive side, one of our customers is putting iPads into 
the hands of their sales reps out on the lots. The iPads show features that 
can be added to a specific car. A sales rep can do searches for the customer 
right on the spot. For instance, one of their other dealerships might have the 
specific car that the customer is looking for. If the customer has an iPad or 
iPhone, they can receive a notification when their car is ready, pay the bill 
online, and drive off with the car without having to deal with all of the 
paperwork. 

Aren't iPads difficult to manage and secure?

Palen: We automate the provisioning process of how the iPad connects to 
your back end data. We provide insight into that device: the OS, available 
memory, what apps are on it. The fact that I can push out apps to the iPad 
but can't remove them is problematic for the enterprise. You have to either 
lock down iPads by restricting apps on the device to only those that you push-
nothing from the App Store-or wipe devices. 

On the other hand, unlike Android, iOS apps have to go through Apple's 
certification process. So there is a level of security that apps aren't going to 
create a whole bunch of issues on the devices or in the environment. That's a 
big, big issue we see on the Android side. 

Sounds dangerous. What is the worst case scenario?

Palen: The worst case scenario involves apps that are truly a Trojan Horse 
that slips through the cracks and becomes available on an iPhone or iPad that 
is connecting to back-end data, and then wreaks havoc on an enterprise by 
capturing keystrokes or credit card information. 

But nobody is looking at this blindly. People are taking precautions to protect 
their data. And I believe Apple will provide more enterprise management 
capabilities in future releases. 

Why isn't this stifling iPad enterprise adoption?

Palen: With the iPad, IT organizations are folding under pressure. They had 
taken such a hard stance with security, and now they're allowing iPads that 
really wouldn't have met their requirements 12 months ago. There's so much 
demand. They also see so many efficiencies that can be brought to bear [by 
the iPad] that they're willing to deal with the risks. 

What are the workarounds?

Palen: You're probably not going to wipe an executive's iPad. But one of the 
things that we do is integrate with Active Directory so that we know exactly 
who someone is in the organization. You can actually set up rules so that you 
could manage executives one way and other people a different way. You can 
also differentiate between a corporate device and an individually owned 
device. 

We could do some things around VPN connections and not having apps 
residing on the device. Or we can have an icon that doesn't have data 
residing on the device. We can control the iPad from a data perspective rather 
than the app itself. There are workarounds. 

Apple has tiptoed around the enterprise for years. What's it going to take to 
force Apple's hand?

Palen: When Apple starts to see large volumes of iPads selling into the 
enterprise, and these iPads are locked down and users won't be able to buy 
additional apps, that's when Apple will start making it available for me to 
manage these apps. 

Tom Kaneshige covers Apple and Networking for CIO.com. Follow Tom on 
Twitter @[log in to unmask] Follow everything from CIO.com on Twitter @[log in to unmask] 
Email Tom at [log in to unmask] 

Read more about consumer in CIO's Consumer Drilldown. 

All contents copyright 1995-2010 Network World, Inc. 
http://www.networkworld.com 

Top of Message | Previous Page | Permalink

Advanced Options


Options

Log In

Log In

Get Password

Get Password


Search Archives

Search Archives


Subscribe or Unsubscribe

Subscribe or Unsubscribe


Archives

April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
November 2016
October 2016
September 2016
August 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
December 2015
November 2015
October 2015
August 2015
July 2015
June 2015
May 2015
April 2015
March 2015
February 2015
January 2015
December 2014
November 2014
October 2014
September 2014
July 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
August 2013
June 2013
April 2013
March 2013
February 2013
January 2013
November 2012
September 2012
August 2012
July 2012
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
August 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
June 2010
May 2010

ATOM RSS1 RSS2



LISTSERV.UNL.EDU

CataList Email List Search Powered by the LISTSERV Email List Manager