Among the first additions is on-device encrypted storage of emails and attachments, says Andrew Jaquith, an analyst at Forrester Research.
"We expect Apple's new hardware-assisted cryptosystem to allow encrypted data to remain encrypted, even if the phone has been jailbroken or compromised in a side-channel attack," Jaquith says in his report "Apple's iPhone and iPad: Secure Enough for Businesses?"
In addition, mobile device management adds APIs that let third-party applications lock or erase iPads that are believed to have been compromised. These APIs also support remote device inventory and password management by third-party applications, he said.
The installation of corporate security policies can also be supported through APIs, but there is no appropriate Apple management platform for corporate use, Jaquith says. However, vendors like Mobile Iron, Odyssey and Tangoe all have privileged access to Apple's APIs that could help you develop those tools.
Figure: Security Requirements (Source: ZDNet)
Combined with the security already supported on other devices, iPads should be easy to install and manage within corporate networks, he said.
The updated operating system will also add support for SSL VPN that can secure remote access sessions on the iPad. The devices already support IPsec VPNs as well as WPA2 wireless protection.
Jaquith says any company planning to support iPads should take these seven steps:
- Encrypt email sessions, which can be done using Microsoft ActiveSync.
- If they are lost or stolen, erase them completely using the supported cryptographic destruction.
- Lock them with a strong password.
- Automatically lock them when they have been unused for a certain time.
- Wipe them after a set number of failed login attempts.
- Sign configuration profiles and password-protect them to prevent unauthorized modifications.
- Automatically refresh policies by using ActiveSync in combination with Microsoft Exchange 2007.

- Use the hardware encryption that comes with iOS 4.2.
- Improve the required robustness of passwords.
- Use certificate-based authentication.

Even with all these measures taken, iPads won't be able to meet some security requirements, Jaquith says. For example, some companies require archiving of SMS messages, which cannot be done on an iPad. The tablet also doesn't support smartcard readers that tie the device to the user's cards, he said.
Translation: Raul Batista - Segu-Info
Author: Tim Green
Source: Networkworld

