Apple's iPad is making inroads into corporate America, and employers are taking notice. The bring your own device crowd (BYOD) is hot to use tablet computers, but security issues lurk. Here, Padmanabhan, COO of MokaFive, gives advice on how to give customers what they want — and what they need.—Jennifer Bosavage, editor
It seems as though a day doesn't pass without a new slew of articles published about the iPad and Apple's increasing penetration of the enterprise market. The iPass 2012 Mobile Workforce Report recently found that 64 percent of mobile workers now carry a tablet (the vast majority use an iPad). Of those, most use it for work, at least occasionally. Eighty percent of respondents who had not yet purchased a tablet computer said that they planned to within the next six months.
[Related story: How To Protect Mac Files In Today’s Workspace]
Chances are that your customers and prospects are also looking to offer mobile computing functionality to company employees, and they've gotten you scrambling to provide the right solutions for their use cases. However, regardless of how badly a company wants to put the iPad to work, you, as a reseller, VAR or service provider, need to find a way to make it happen—while still anticipating and preventing problems. And the biggest problem of all, (as we're all well aware) is security.
Despite the impressive market growth and enterprise popularity of the iPad, personal devices poke a "hole" in network security, paving the way for data leaks and malware infection. For example, it is not uncommon for employees to mail their work documents to their Gmail or Yahoo Mail accounts to edit on their personal machines, so they can more easily work on at home or on the road. Or, say an iPad-toting salesperson resigns. How can a company be sure he won’t take his customer list with him when he goes? Maybe a clinic would like to allow physicians to use their iPads to connect to patient records from home…but what if that iPad is lost or stolen, putting HIPAA-protected data at risk?
So, I started thinking about ways to secure personal iOS devices in a corporate environment, and came up with three basic categories of solutions—each of them with their own caveats:
1. Solutions that involve accessing and navigating a full Windows desktop from an iPad. This includes VDI (Citrix Receiver, VMware View App), remote desktop products (LogMeIn, GoToMyPC, etc.), and hosted desktops (usually hosted by managed-service providers, and mostly not enterprise-class solutions).
Caveats: These are awkward to navigate (Windows was designed to be used with a mouse, not with a fingertip!) and cannot be used offline. In general, we see these solutions as overkill—providing an interface that is unnecessarily heavy, but which adds no value.
2. Data Sync solutions/cloud-based file repositories (DropBox, Box, etc.).
Caveats: In general, these solutions have weak management controls and poor security.
3. Mobile Device Management Solutions (Zenprise, Mobile Active Defense, MobileIron, and Good Technology).
Caveats: Like VDI, those solutions are also overkill, albeit in a different way. They force you to manage the whole device, instead of just being concerned with what is truly important—your data. They also are not workable with bring-your-own-device (BYOD) programs, because the enterprise must take full control over the entire device. Personal data cannot co-exist in this model.
One size does not fit all
Now, some of the solutions I mentioned above might be perfect for some of your clients. Perhaps some companies will just prefer to disallow personal devices or personal user of corporate devices. Others may already have VDI, and so a Citrix Receiver or VMware View App would be just right for them.
However, here's what I've been brainstorming over the last several months:
1) A secure, encrypted data container that lets users run data anywhere, even on a personal device (enabling BYOD), without subjecting that data to risk or leakage.
2) A way to manage your most important assets — corporate data — and not the device.
3) Risk-free, offline access.
4) The ability to remotely wipe data from the endpoint, even if a device is lost or stolen.
5) A rich user experience.
Here's how a product like that might be used:
• Providing physicians with secure access to electronic patient records from home or from the road. Likewise for pharma companies who possess HIPAA-controlled data.
• Enabling corporate board members, contractors, and mobile workers to carry confidential data on a personal iPad without risk, even if a device is lost or stolen.
• Giving teachers access to connect to student grade portals from their iPads.
• Allowing mobile professionals a way to get access to corporate file shares, network resources, or from public or private cloud storage.
As you research solutions to your clients' problems, keep those tenets in mind. We all want to provide solutions. But it is only the most thoughtful and methodological solutions providers who make the right decisions, giving customers both what they want and what they need (whether they know they need it or not).