Tablet computing presents a huge productivity opportunity for enterprises, particularly those in certain vertical markets such as health care. Today's tablets, such as the Apple iPad, present an opportunity for security solution providers to support their customers by understanding the core security architecture running on these devices.
As described in part one of this two-part technical tip, tablet computers don't run a conventional notebook OS. They run mobile operating systems with their own security models, requiring different endpoint security programs, back-office servers and policies.
Every smartphone OS is somewhat different, but they have improved native security capabilities over the years to address key enterprise risks.
- Authenticated access -- If a tablet is lost, stolen or left unattended, enforcing native
device-level authentication (PINs, passwords) can reduce the risk of a stored data breach or device
application and connection misuse.
- Anti-loss measures -- Native remote lock, find and wipe capabilities can often be used
to recover a lost tablet or permanently prevent it from becoming a security liability, including
tablets issued to employees that no longer work for an enterprise.
- Authorization -- Mobile operating systems support native techniques
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to SearchSecurityChannel.com you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of SearchSecurityChannel.com is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
- like code signing,
application data protection, and device feature restrictions that enterprises can use to reduce
risks posed by mobile malware or inappropriate use. Tablets don't come with antivirus, antispam, or
intrusion detection, but such measures can be obtained from third parties.
- Data protection -- Mobile operating systems provide native support for security Web and
email traffic with SSL/TLS, Wi-Fi traffic with WPA2, and selected VPN protocols. BlackBerry and
Apple support device-level data encryption to protect data stored on a tablet. Android currently
does not, but third parties do sell file/folder encryption.
- Device management -- Solutions exist to centrally provision tablets, enforce their security settings, and monitor their usage, but range from native to third party. BlackBerry and Apple (with iOS4) provide native device management hooks; Android is limited to a small subset of ActiveSync.
For solution providers, these native tablet security capabilities and third-party tools can generate new revenue opportunities. For example, many enterprises are concerned about uncontrolled use of Apple iPads and Samsung Galaxy tablets, but have not established their own infrastructure to address them. Solution providers can fill this gap by offering rapidly activated cloud-based or managed on-premises mobile device manager services for tablets. Providers can also help back-fill native tablet security gaps by reselling or integrating third-party mobile security tools as market demand grows.
Using tablets to deliver on-site security services
Finally, solutions providers may find that tablets are an ideal form factor from which to deliver
on-site services to customers.
Today's tablets are extremely portable, wireless-enabled devices that can conveniently run diagnostic tools. For example, Wi-Fi network discovery apps ("stumblers") are readily available for iOS and Android tablets -- these tools can speed and simplify a quick search for potential rogue access points. Once connected to a customer's WLAN, tablets can run apps such as ping, traceroute, port scans and SpeedTest, providing quick insight into what's actually connected to a customer's network and where vulnerabilities might lie. While tablets lack the persistent storage and horsepower of a notebook, they can be an inexpensive, handy and impressive addition to a provider's toolbox.
Furthermore, today's tablets are excellent communicators. The latest tablets have high-resolution still and video cameras, making it easy for on-site technicians to record what they see, securely share and quickly discuss it with off-site specialists. Mobile tools such as Skype and enterprise VoIP clients that run on tablets can be an inexpensive way to improve collaboration and deliver results to customers in near-real-time.Tablets can even be connected to projectors to make impromptu sales or training presentations.
Solutions providers, such as other on-the-go workforces, can also use tablets to readily research problems on the Web and answer customer questions. Providers are less likely to carry a dedicated eReader for this purpose, but all new tablets can run eReader and Acrobat Reader apps, letting on-site installers download manuals to look up parameters and values. Field support technicians can use tablets to access Internet-based maps and navigation tools, getting where they need to be with less delay or hassle. And so on.
These are just a few of the ways that tablets can benefit a security solution provider. Today's tablets are a truly novel form factor, far more convenient than old tablet PCs, and much better at displaying information than smartphones. From reselling tablet security and management software to using tablets to improve on-site service efficiency and effectiveness, tablets pose many new opportunities worthy of consideration.
Lisa Phifer is vice president of Core Competence Inc. She has been involved in the design, implementation and evaluation of networking, security and management products for more than 25 years, and has advised companies large and small regarding security needs, product assessment, and the use of emerging technologies and best practices.
Send comments on this technical tip editor@searchmidmarketsecurity.com.
Join our IT
Knowledge Exchange discussion forum; please use the midmarket
security tag.
This was first published in October 2010