Tablet computing presents a huge productivity opportunity for enterprises, particularly those in certain vertical markets such as health care. Today's tablets, such as the Apple iPad, present an opportunity for security
As described in part one of this two-part technical tip, tablet computers don't run a conventional notebook OS. They run mobile operating systems with their own security models, requiring different endpoint security programs, back-office servers and policies.
Every smartphone OS is somewhat different, but they have improved native security capabilities over the years to address key enterprise risks.
- Authenticated access -- If a tablet is lost, stolen or left unattended, enforcing native
device-level authentication (PINs, passwords) can reduce the risk of a stored data breach or device
application and connection misuse.
- Anti-loss measures -- Native remote lock, find and wipe capabilities can often be used
to recover a lost tablet or permanently prevent it from becoming a security liability, including
tablets issued to employees that no longer work for an enterprise.
- Authorization -- Mobile operating systems support native techniques like code signing,
application data protection, and device feature restrictions that enterprises can use to reduce
risks posed by mobile malware or inappropriate use. Tablets don't come with antivirus, antispam, or
intrusion detection, but such measures can be obtained from third parties.
- Data protection -- Mobile operating systems provide native support for security Web and
email traffic with SSL/TLS, Wi-Fi traffic with WPA2, and selected VPN protocols. BlackBerry and
Apple support device-level data encryption to protect data stored on a tablet. Android currently
does not, but third parties do sell file/folder encryption.
- Device management -- Solutions exist to centrally provision tablets, enforce their security settings, and monitor their usage, but range from native to third party. BlackBerry and Apple (with iOS4) provide native device management hooks; Android is limited to a small subset of ActiveSync.
For solution providers, these native tablet security capabilities and third-party tools can generate new revenue opportunities. For example, many enterprises are concerned about uncontrolled use of Apple iPads and Samsung Galaxy tablets, but have not established their own infrastructure to address them. Solution providers can fill this gap by offering rapidly activated cloud-based or managed on-premises mobile device manager services for tablets. Providers can also help back-fill native tablet security gaps by reselling or integrating third-party mobile security tools as market demand grows.
Using tablets to deliver on-site security services
Finally, solutions providers may find that tablets are an ideal form factor from which to deliver on-site services to customers.
Today's tablets are extremely portable, wireless-enabled devices that can conveniently run diagnostic tools. For example, Wi-Fi network discovery apps ("stumblers") are readily available for iOS and Android tablets -- these tools can speed and simplify a quick search for potential rogue access points. Once connected to a customer's WLAN, tablets can run apps such as ping, traceroute, port scans and SpeedTest, providing quick insight into what's actually connected to a customer's network and where vulnerabilities might lie. While tablets lack the persistent storage and horsepower of a notebook, they can be an inexpensive, handy and impressive addition to a provider's toolbox.
Furthermore, today's tablets are excellent communicators. The latest tablets have high-resolution still and video cameras, making it easy for on-site technicians to record what they see, securely share and quickly discuss it with off-site specialists. Mobile tools such as Skype and enterprise VoIP clients that run on tablets can be an inexpensive way to improve collaboration and deliver results to customers in near-real-time.Tablets can even be connected to projectors to make impromptu sales or training presentations.
Solutions providers, such as other on-the-go workforces, can also use tablets to readily research problems on the Web and answer customer questions. Providers are less likely to carry a dedicated eReader for this purpose, but all new tablets can run eReader and Acrobat Reader apps, letting on-site installers download manuals to look up parameters and values. Field support technicians can use tablets to access Internet-based maps and navigation tools, getting where they need to be with less delay or hassle. And so on.
These are just a few of the ways that tablets can benefit a security solution provider. Today's tablets are a truly novel form factor, far more convenient than old tablet PCs, and much better at displaying information than smartphones. From reselling tablet security and management software to using tablets to improve on-site service efficiency and effectiveness, tablets pose many new opportunities worthy of consideration.
Lisa Phifer is vice president of Core Competence Inc. She has been involved in the design, implementation and evaluation of networking, security and management products for more than 25 years, and has advised companies large and small regarding security needs, product assessment, and the use of emerging technologies and best practices.
Send comments on this technical tip firstname.lastname@example.org.
This was first published in October 2010