Security Experts Flustered over iPad

Wayne Rash

Usually when there is a press release titled 'iPad Wreaks Havoc for the Enterprise,' you figure there might be a story there. As a longtime reporter, this sort of thing really gets one's juices flowing. But every so often, it's a misguided attempt to get attention, using the events of the day in a self-serving misuse of the media.

Because of this, I'm not going to mention the alleged security problem with the iPad if only because the company wanting so badly to be quoted basically made up the problem, admitting to me in follow-up e-mails that the iPad is no worse in its security than is the iPhone or iPod Touch. Yes, you have to take steps to make sure the iPad is secure if you plan to use it in the enterprise. They are exactly the same steps you have to take with the iPhone.

So the bottom line is, if you're already handling the security issues related to most smartphones, then the iPad is no problem. More important, it's less of a security problem than most laptop computers if only because there are few malware issues related to this platform, and as the security expert crying wolf admitted, one of the benefits of Apple's tight control over its software distribution is a shortage of programs that can deliver a malware payload.

The real concern, according to this expert, is probably Android-based smartphones where there's little if any control over applications as they get developed for a more open platform. But I note that there isn't exactly a boom in Android malware, either. In short, smartphones have a lot of security issues, but they're not unique to any particular platform. Those issues include the ability to download critical data to the device and carry it outside of the company, the ability to take photos of restricted items and do the same, and the ability to use the smartphone as a vector for malware aimed at another platform.

There's nothing in the iPhone, the iPad or the iPod that makes these devices any different from a Blackberry, Palm, Windows or Android device. If it can work as a mass storage device, it can take information out of the enterprise and it can bring malware in. The primary complaint of the security expert is that security isn't 'Baked In' to the iPad. True, but this is no different from any other device readily available to users, including smartphones, laptops or tablet computers.

If you want baked-in security, there are devices available, and if you work at the Department of Defense, the White House or contract for them, you can get them. Otherwise, follow your best practices by knowing these devices are inherently insecure, and make sure you treat them accordingly. Meanwhile, ignore the red herrings and the alarmist pronouncements.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.