Are tablet computers such as Apple's iPad a security solution provider's best friend or worst nightmare? Following in the iPad's wake, just about every manufacturer seems to have announced a thin multi-touch tablet (aka "slate"). Tablets in the workplace are nothing new, but this entirely new generation poses novel security challenges and opportunities.
In short, from security and management perspectives, these new tablets must be treated like smartphones. Solution providers that want to tap tablet popularity will need to become familiar with popular smartphone operating systems, their security architectures, native security capabilities and corresponding business risks.
EReaders, tablets displacing netbooks among verticals
Field forces, health care workers, restaurant staff, and other on-the-go verticals have long used tablet PCs -- mostly ruggedized touch-screens running desktop operating systems such as Windows XP Tablet PC Edition. Those old tablets could be managed and secured pretty much like other notebooks, but they never caught fire with enterprises. Ideal for narrow vertical applications, those tablets were just too clunky, too slow to boot, and too hard on batteries for every day computing.
Instead, enterprises started to gravitate towards a different on-the-go computing form factor: netbooks. In 1Q10, netbooks and mini-notebooks represented more than 18% of worldwide PC sales, according to Santa Clara, Calif.-based analyst firm DisplaySearch. However, two new form factors have disrupted this trend:
In 2H09, vendors such as Amazon introduced eReaders, purpose-built tablets that use high-contrast electronic ink to present online books, PDFs and Web text. By 1Q10, eReader shipments had grown 241% year-to-year, and are forecasted to reach 5.8 million units in 3Q10, DisplaySearch said.
- In January 2010, Apple introduced the iPad, an ultra-thin, multi-touch tablet that ran the same operating system and apps as the popular Apple iPhone 3GS. Over the next six months, iPad sales topped 3 million, representing 6.5% of the entire netbook and mini-notebook market, according to numbers from Apple.
Smaller second generation eReaders have already emerged, and promising iPad-like "slates" have now been announced by Samsung, Toshiba, ViewSonic, Archos, HP, RIM, Verizon and Cisco. This exploding tablet market is simply too hot for solution providers to ignore -- and too different to secure with the same old products and services.
Tablet security model takes on mobile flare
Tablet success hinges on their ability to facilitate on-the-go consumption of as-needed data. Technologies such as e-ink, multi-touch, and 7- to 9-inch high-resolution oleophobic screens have made tablets more readable and usable, while integrated 3G and Wi-Fi made that data readily accessible. App stores and marketplaces have created a new software ecosystem, heavily focused on making information easier to consume.
But accomplishing these feats meant changing tablets from flat PCs into specialized devices, tailored to mobile data consumption. In other words, today's most popular tablets don't run a conventional notebook OS. They run mobile operating systems with their own security models, requiring different endpoint security programs, back-office servers and policies.
The iPad runs iOS3, soon to be upgraded to iOS4, Apple's smartphone operating system. Apple tightly controls software that can be installed on iPads, requiring even enterprise apps to be approved for download from the App Store. With iOS3, enterprises can configure security policies by generating profile files that get installed by end users. With iOS4, enterprises will be able to push profiles to iPads over-the-air using Apple's notification service and third-party mobile device managers like Sybase iAnywhere and AirWatch. Moreover, enterprises will be able to remotely monitor, locate and wipe iPads, and control which apps can be installed on them.
Samsung's Galaxy Tab, Cisco's Cius, ViewSonic's ViewPad 7, Verizon's upcoming Google Tablet, and many eReaders run Android 2.2, an open source smartphone operating system. The antithesis of iOS, Android was designed to encourage third-party software, developed using published SDKs and optionally distributed by the Android Marketplace. Enterprises can easily write and deploy their own Android apps, but Android's native security and management capabilities are limited -- for example, there is no device-level encryption and only basic support for remote ActiveSync commands like remote wipe.
- RIM's PlayBook will run a newly designed BlackBerry Tablet OS. Details are not yet available, but the company pledged that the PlayBook will be compatible with RIM's BlackBerry Enterprise Server (BES). If so, this means enterprises will be able to centrally manage and secure PlayBooks much like BlackBerry phones, including native device-level and transport encryption. However, the first PlayBooks will lack native 3G and must access the Internet over Wi-Fi or a Bluetooth-paired smartphone. Third-party apps will be installed by BES or BlackBerry's App World.
Lisa Phifer is vice president of Core Competence Inc. She has been involved in the design, implementation and evaluation of networking, security and management products for more than 25 years, and has advised companies large and small regarding security needs, product assessment, and the use of emerging technologies and best practices.
Send comments on this technical tip firstname.lastname@example.org.